Joseph O’Connor, the U.K. national behind a 2020 Twitter hack, has been extradited to the United States, where he has pled guilty to multiple cybercrime offenses, the U.S. Attorney’s Office Southern District of New York announced Tuesday
“O’Connor used his sophisticated technological abilities for malicious purposes — conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim,” the SDNY said in a statement.
During the 2020 Twitter hack, multiple high-profile Twitter accounts were taken over – including CoinDesk’s – and used to promote a bitcoin giveaway scam. Despite multi-factor authentication being enabled on some of the accounts, the attackers managed to hide scam warning responses, including from Binance CEO Changpeng Zhao, and amassed approximately 11.3 BTC ($103,960) from the fraudulent activity.
Florida resident Graham Ivan Clark, an associate of O’Connor’s who also participated in the attack, was arrested in March 2021 and tried as a young offender, as he was 17 at the time of the hack.
O’Connor, 23, was also charged by the SDNY and pled guilty for his role in SIM-swapping attacks targeting high-profile executives in the cryptocurrency industry, resulting in the theft of $794,000 in digital assets.
While the SDNY declined to name the company, only stating that it “provided wallet infrastructure and related software to cryptocurrency”, there have been numerous cases of targeted crypto companies using this same technique, including BlockFi.
Telecoms such as AT&T as well as T-Mobile have been sued by victims over the lack of internal security measures that have allowed these attacks to take place.
O’Connor is due back in court on June 23 for sentencing.