A 22-year previous British nationwide, recognized on-line as “PlugWalkJoe”, has been arrested in Spain’s Costa del Sol for allegedly being one among 4 younger hackers who grabbed management of dozens of movie star Twitter accounts final yr and used them to solicit greater than $115,000 in bitcoin.
The alleged perpetrators compromised 130 accounts in July final yr, based on the newest felony grievance filed within the Northern District of California, together with these of Joe Biden, Barack Obama, Invoice Gates, Kanye West and Elon Musk.
The hackers then tweeted out pretend messages from the accounts asking their tens of millions of followers to ship bitcoin to an account, and promising to double their cash in the event that they did so.
The US Division of Justice stated on Wednesday that Joseph O’Connor had been arrested in Estepona by the Spanish Nationwide Police on a number of fees associated to final yr’s high-profile hack.
O’Connor, accused within the DoJ’s felony grievance of being a prolific hacker named “PlugWalkJoe”, has beforehand denied accountability for the hack, telling The New York Instances: “I don’t care. They will come arrest me. I might snigger at them. I haven’t achieved something.”
He defined to the newspaper that he had corresponded with the opposite alleged perpetrators however had been getting a therapeutic massage close to his home in Spain when the hack befell.
O’Connor is the fourth individual to be charged in reference to the hack. Simply two weeks after the July 2020 assault, US authorities named Mason Sheppard, then 19, of Bognor Regis within the UK, and Nima Fazeli, then 22, of Orlando, Florida, and the then 17-year-old Graham Ivan Clark of Tampa, Florida, as defendants within the FBI’s investigation.
In line with the felony grievance, which has been filed within the Northern District of California, the assaults have been carried out by a gaggle of hackers within the enterprise of shopping for and promoting coveted social media display screen names, often called “OGUsers”.
O’Connor was recognized by FBI brokers via a mixture of messages he despatched by way of the gamer chat platform Discord, in addition to unnamed informants, together with one who recognized a recording of his voice, the submitting stated.
US authorities had been receiving tips on his illicit on-line exercise since 2018, based on the submitting, which additionally accused him of hacking the account of “one of the seen and adopted accounts” on rival social media platform TikTok, compromising a Snapchat person’s nude pictures in an effort to extort them, and cyberstalking a juvenile sufferer.
Twitter declined to touch upon information of the arrest.
The Twitter fraud raised greater than $115,000 in cryptocurrency, whereas the hackers additionally accessed the personal message inbox of 36 of the sufferer accounts and downloaded the non-public knowledge of seven, Twitter stated on the time.
The incident triggered Twitter to dam some verified accounts from publishing tweets for a number of hours on the day, and prompted widespread criticism of the social media group for lax safety practices.
State prosecutors in Tampa, Florida, final yr dubbed Clark the “mastermind” behind the assault, accusing him of utilizing social engineering to trick a Twitter worker into offering credentials to entry the corporate’s customer support portal, below the pretence that he was a co-worker within the info expertise division. Entry to those “inside controls” then allowed Clark to wield entry to the Twitter accounts, state prosecutors stated.
Day by day e-newsletter
#techFT brings you information, remark and evaluation on the large firms, applied sciences and points shaping this quickest shifting of sectors from specialists based mostly around the globe. Click on right here to get #techFT in your inbox.