Twitter Celeb Hacker Jailed For Five Years

Written by

A Liverpool man has been handed a five-year jail term after a sophisticated hacking campaign in which he and others hijacked celebrity Twitter accounts in a bid to scam followers.

Joseph O’Connor (aka “Plugwalk Joe”) was extradited from Spain to the US on April 26 and pleaded guilty to two sets of charges on May 9.

Read more on Twitter account hacks: Three Arrested for Twitter VIP Account Hijacking.

One relates to the mass hacking of social media accounts, online extortion and cyberstalking.

In early 2020, O’Connor and his co-conspirators phoned some Twitter employees and socially engineered them into handing over their logins, which granted the hackers access to the site’s internal admin tools.

They used this access to publish a bitcoin scam via over 130 celebrity Twitter accounts, and also sold access to some accounts to third parties, according to the Department of Justice (DoJ).

O’Connor also used SIM swap techniques to access the account of top TikTok creator, Addison Rae, to whose millions of followers he published self-promotional messages and videos. He used a similar technique to hijack a high-profile Snapchat account, stealing sensitive images and threatening to release them publicly.

The UK man also carried out a series of swatting attacks on a third individual in June and July 2020, and threatened several of the victim’s family members.

Separately, O’Connor and his co-conspirators successfully used SIM swap attacks to compromise three executives at a Manhattan-headquartered crypto firm and used their access to divert digital funds now worth $1.6m from their wallets.

He pleaded guilty to multiple counts of conspiracy to commit computer intrusions, wire fraud and money laundering, as well as two counts of committing computer intrusions, making extortive communications, two counts of stalking and making threatening communications.

As well as the five-year prison term, O’Connor will also be forced to go through three years of supervised release and was ordered to pay $794,012 in forfeiture.

Image credit: Marcelo Mollaretti /

What’s hot on Infosecurity Magazine?