A British man who hacked high profile Twitter accounts as part of a Bitcoin scam has been jailed in the US, after being extradited from Spain.
Joseph O’Connor, originally from Liverpool, hijacked more than 130 accounts in July 2020, including those of Barack Obama, Joe Biden and Elon Musk. He was arrested in the southern Spanish coastal town of Estepona (Andalusia) in July 2021.
The 24-year-old pleaded guilty to hacking charges last month that carried a total maximum sentence of more than 70 years.
On Friday, he was sentenced to five years for cyber crimes, according to the United States Attorney’s Office in the southern district of New York.
The hacking was part of a major Bitcoin scam that generated tweets asking followers to send Bitcoin to an account, promising to double their money.
As a result of the fraud, an estimated 350 million Twitter users viewed suspicious tweets from official accounts of some of the platform’s biggest users, including Apple, Uber, Kanye West and Bill Gates.
Thousands were duped into believing that a crypto giveaway was real.
O’Connor, who went by the alias PlugwalkJoe, was extradited from Spain to the US in April. He had previously refused to be transferred to the US voluntarily following his arrest at his Costa del Sol home.
The court had rejected arguments by O’Connor’s lawyers that he should be tried in Spain since the servers he used were located there.
The court said the US was in a better position to prosecute because that was where the evidence obtained in the investigation was located, as was any damage caused.
Three other men have been charged over the scam, with US teenager Graham Clark pleading guilty to his part in the deception in 2021.
The hackers telephoned a small number of Twitter employees with a believable tale to convince them to hand over their internal login details – which eventually granted them access to Twitter’s administrative tools.
They managed to use social engineering tricks – more akin to conmen than high-level cyber-criminals – to get access to the powerful internal control panel at the site.
In a statement, US Assistant Attorney-General Kenneth Polite Jr described O’Connor’s actions as ‘flagrant and malicious’, saying he had ‘harrassed, threatened and extorted his victims, causing substantial emotional harm’.
The US justice department also said O’Connor admitted other hacking crimes including gaining access to a high-profile TikTok account and stalking a minor. He was also ordered to pay almost $800,000 in fines, the US justice department said.