The Bitcoin scam messages pumped out from dozens of hijacked celebrity Twitter accounts

  • Joseph James O’Connor, 23, admitted to hijacking celebrity Twitter accounts

In what is one of the biggest hacks in social media history, a series of scam messages were pumped out from 130 Twitter accounts, including Kim Kardashian, Joe Biden, Elon Musk and Jeff Bezos, allowing their followers to send them bitcoin.

All of the tweets, sent from the hacked accounts of the likes of Barack Obama, Michael Bloomberg, Kanye West and Bill Gates in July 2020, urged the celebrities’ millions of followers to send bitcoin to an account while promising to double their money if they did.

Yesterday, Briton Joseph James O’Connor, 23, admitted to hijacking celebrity Twitter accounts as part of a hacking campaign that left a “trail of destruction” with unsuspecting victims defrauded out of more than $180,000.

O’Connor, also known by an online alias of Plugwalk Joe, pleaded guilty in New York on Tuesday to his role in the hacking, as well as stealing $794,000 in cryptocurrency, cyberstalking and online extortion.

The Briton, who was extradited to the US from Spain on April 26, admitted conspiring to commit wire fraud and money laundering. O’Connor was charged along with Briton Mason Sheppard, from Bognor Regis, West Sussex, and two Americans, Graham Ivan Clark and Nima Fazeli.

O’Connor is also believed to be behind an attack on actress Bella Thorne in which he allegedly threatened to leak nude photos he had obtained by hacking her SnapChat account unless she agreed to various demands.

Briton Joseph James O’Connor (23) (pictured) has admitted to hijacking celebrity Twitter accounts and stealing $794,000 in cryptocurrency after being extradited to the US from Spain on April 26
Joseph James O’Connor is led by Spanish police officers as he leaves a court after being arrested in connection with the hack in Estepona, Spain on July 22, 2021. He was later extradited to the United States
Many scam messages were pumped out from 130 Twitter accounts, including Kim Kardashian (pictured), Joe Biden, Elon Musk and Jeff Bezos, allowing their followers to send them Bitcoin
The hackers hacked Kim Kardashian’s Twitter and asked her followers to send Bitcoin

O’Connor, of Liverpool, UK, will also forfeit more than $794,000 and pay restitution to victims, prosecutors said. He faces a maximum of 77 years in prison at the sentencing on June 23.

The Briton, along with the three other hackers, used social engineering tricks to gain access to the Twitter accounts and sent out tweets asking followers to send bitcoin to an account, promising to double their money.

A hacked tweet from Biden read: ‘I’m giving back to the community. All bitcoin sent to the address below will be sent back doubled! If you send $1,000, I’ll send back $2,000. Just do this for 30 minutes.’

Another tweet from Bezos read: “I have decided to give back to my community. All Bitcoin sent to my address below will be sent back doubled. I only do $50,000,000 max.’

Just days after the Twitter hack, O’Connor had laughed off any suggestion that he was behind it.

“I don’t care — they can come and arrest me,” O’Connor told the New York Times in July 2020 about his links to the breach. “I would laugh at them. I have not done anything.

But two years later, O’Connor admitted to being behind the big hack.

The July 2020 Twitter attack hijacked a number of verified accounts, including those of then-Democratic presidential candidate Joe Biden (pictured)
A hacked tweet from Biden read: ‘I’m giving back to the community. All bitcoin sent to the address below will be sent back doubled! If you send $1,000, I’ll send back $2,000. Just do this for 30 minutes
The accounts of former President Barack Obama, reality TV star Kim Kardashian, Bill Gates, Warren Buffett, Benjamin Netanyahu, Jeff Bezos (pictured), Michael Bloomberg and Kanye West were also hit
Jeff Bezos was targeted in the Twitter hack
Many scam messages were pumped out from 130 Twitter accounts, including Kim Kardashian, Joe Biden, Elon Musk (pictured) and Jeff Bezos, allowing their followers to send them Bitcoin
Many scam messages were pumped out from 130 Twitter accounts, including Kim Kardashian, Joe Biden, Elon Musk (pictured) and Jeff Bezos, allowing their followers to send them Bitcoin
The attack reached over 130 Twitter accounts, including those of Kanye West, Bill Gates, Joe Biden and Barack Obama

In 2019, O’Connor and the three other hackers also used a technique known as sim card swapping to break into the social media accounts of two media stars, not named in the court documents but named in press reports as TikTok star Addison Rae and actress Bella Thorne .

The group threatened to release their private photos and other information.

As a result, Thorne preemptively posted on Twitter that she had been “threatened with my own nude photos”, and posted screenshots of the text messages. Thorne said she released the photos so the hacker wouldn’t be able to “take one more thing from me.”

O’Connor allegedly used Rae’s TikTok account to post self-promoting messages, including a video in which his voice is recognizable, the US Department of Justice said. He then threatened to release sensitive personal information related to Rae to people who joined a specified Discord server.

O’Connor is also said to have cyber-stalked a 16-year-old girl and sent her nude photos.

He also cyberstalked a minor and threatened them in June and July 2020. O’Connor called local police multiple times and falsely claimed the victim made threats to shoot people to endanger the minor, the U.S. Department of Justice said.

O’Connor later called several family members of the victim and threatened to kill them, the department added.

In a separate case, the hackers used the same technique to steal $794,000 in virtual currency from a cryptocurrency company in New York. Prosecutors said O’Connor will forfeit the money and pay restitution to the victims.

In 2019, O’Connor and the three other hackers also used a technique known as sim card swapping to break into the social media accounts of two media stars, not named in the court documents but named in press reports as TikTok star Addison Rae and actress Bella Thorne (pictured)
Barack Obama was targeted in the 2020 Twitter hack
Bill Gates was targeted in the 2020 Twitter hack
Kanye West was targeted in the July 2020 Twitter hack. O’Connor has now admitted to being behind the attack

‘O’Connor’s criminal activities were blatant and malicious and his behavior affected the lives of many people. He harassed, threatened and pressured his victims, causing significant emotional harm, Assistant State’s Attorney Kenneth Polite said in a statement.

“Like many criminal actors, O’Connor tried to remain anonymous by using a computer to hide behind stealth accounts and aliases outside the United States.

“But this (guilty) plea shows that our investigators and prosecutors will identify, locate and bring to justice such criminals to ensure they face the consequences for their crimes.”

“O’Connor has left an impressive trail of destruction in the wake of his crime spree,” said United States Attorney Ismail J. Ramsey for the Northern District of California.

“This case serves as a warning that the reach of the law is long, and criminals anywhere who use computers to commit crimes can end up with the consequences of their actions in places they did not anticipate.”

O’Connor was charged along with fellow countryman Mason Sheppard from Bognor Regis, West Sussex, and two Americans, Graham Ivan Clark and Nima Fazeli.

Sheppard, who US authorities previously said is also known as Chaewon, was 19 years old when the crimes took place in July 2020.

O’Connor was charged along with fellow countryman Mason Sheppard (pictured) from Bognor Regis, West Sussex, and two Americans, Graham Ivan Clark and Nima Fazeli
Pictured: Sheppard’s family address (centre, white door) in Bognor Regis
American teenager Graham Ivan Clark, 17, was arrested Friday morning in Tampa

He was charged with conspiracy to commit fraud, conspiracy to commit money laundering and willful access to a protected computer.

In July 2021, Florida teenager Graham Ivan Clark, the alleged mastermind of the hacking group, was sentenced to three years in juvenile detention under a plea deal.

Clark, just 17 when he was charged, was sentenced to the maximum allowed under Florida’s Youthful Offender Act.

Prosecutors said the schemes included gaining unauthorized access to social media accounts on Twitter in July 2020, as well as a TikTok account in August 2020. Along with his co-conspirators, O’Connor stole at least $794,000 worth of cryptocurrency.

The July 2020 Twitter attack hijacked a number of verified accounts, including those of then-Democratic presidential candidate Joe Biden and Tesla Inc CEO Elon Musk, who now owns Twitter.

The accounts of former President Barack Obama, reality TV star Kim Kardashian, Bill Gates, Warren Buffett, Benjamin Netanyahu, Jeff Bezos, Michael Bloomberg and Kanye West were also hit.

The hackers used the accounts to solicit digital currency, prompting Twitter to prevent some verified accounts from publishing messages for several hours before security could be restored.

HOW THE HACKING HAPPENED

Joseph O’Connor – also known as ‘PlugWalkJoe’ – participated in various crimes, including the exploitation of social media accounts, online blackmail and cyberstalking.

This began three years ago when he and several hackers gained unauthorized access to administrative tools on Twitter.

Hackers were then able to take over accounts, after obtaining Twitter credentials through the internal messaging platform Slack, according to The New York Times.

In some cases, the hackers took control of the celebrity accounts themselves, but credentials were often sold to other hackers as well.

PlugWalkJoe also gained unauthorized access to a highly prominent TikTok account during 2020 which was then used to post self-promotional messages and a video.

A year earlier, he had also gained access to an Instagram account, which was used to exploit private messages and “sensitive material”.

To do this, a complex SIM-swapping attack was performed, which gives the attacker full control over another person’s phone number.

While criminals often rely on phishing attempts to obtain a phone number, they can sometimes easily find this on social media.

With this information, fraudsters can pretend to be a victim by contacting a mobile network and asking to activate a SIM card on another device.

Pretending that the SIM card is lost, stolen or damaged is a common excuse used to convince a mobile company that they are the legitimate SIM card holder.

If successful, fraudsters can change passwords, use multi-authentication measures, conduct financial transactions and post on a victim’s social media.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *