3 years just after a single of the most visible hacks in new heritage performed out in real-time in entrance of millions of Twitter end users, just one of the hackers liable for the breach will now provide time in federal prison.
Joseph James O’Connor, 24, was sentenced Friday in a New York federal court docket to 5 decades in prison right after pleading guilty in Might to four counts of pc hacking, wire fraud and cyberstalking. O’Connor also agreed to forfeit at least $794,000 to the victims of his crimes.
O’Connor, a U.K. citizen, was extradited from Spain at the request of U.S. prosecutors earlier this calendar year and has remained in custody considering that.
In the listening to, Decide Jed S. Rakoff stated O’Connor will most likely serve about fifty percent of his sentence just after paying additional than two a long time in pre-trial custody.
O’Connor faced a utmost of 77 many years in jail, according to Reuters. Justice Section prosecutors referred to as for O’Connor to provide at least seven yrs in jail.
In courtroom, O’Connor said his crimes were being “stupid and pointless,” apologized to his victims, and asked the choose for leniency.
According to prosecutors, O’Connor “used his sophisticated technological abilities for destructive applications — conducting a complicated SIM swap assault to steal significant quantities of cryptocurrency, hacking Twitter, conducting pc intrusions to choose around social media accounts, and even cyberstalking two victims, which includes a slight victim.”
The federal government mentioned O’Connor, acknowledged by his on the net cope with PlugWalkJoe, was component of a team that broke into dozens of large-profile Twitter accounts, which includes Apple, Binance, Bill Gates, Joe Biden and Elon Musk, to spread cryptocurrency get-abundant-fast ripoffs in July 2020.
O’Connor used cell phone-dependent social engineering approaches to trick Twitter staff into granting the group of hackers access to Twitter’s network. Just one of the other hackers convicted of the Twitter breach, Graham Ivan Clark, also acknowledged as Kirk, employed the accessibility to Twitter’s community to abuse an internal admin device to hijack and reassign Twitter person accounts.
A screenshot of the Twitter admin panel that the hackers breached in get to reassign obtain to Twitter person accounts. Picture Credits: TechCrunch (supplied)
Twitter temporarily blocked end users from publishing to the web page as it grappled with the intrusion, as tens of millions of customers watched in serious time as their timelines flooded with cryptocurrency ripoffs from some of the most recognizable names on the planet.
A subsequent investigation by New York’s Department of Fiscal Companies, which accused Twitter of insufficient cybersecurity protections, uncovered that the hackers broke in by “calling Twitter personnel and professing to be from Twitter’s IT department,” then hijacked the Twitter accounts of politicians, celebrities, and business people to tweet “double your bitcoin” ripoffs.
The rip-off netted about $one hundred twenty,000, in accordance to community blockchain documents.
A number of of the tweets that had been published during the 2020 Twitter hack. Picture Credits: TechCrunch
The breach prompted Twitter to strengthen its cybersecurity controls, introducing hardware security keys for its employees to avert future phishing makes an attempt.
Two yrs on from the hack, extra explosive allegations about the breach arrived to mild.
Peiter “Mudge” Zatko, who was employed as Twitter’s head of protection months immediately after the breach, afterwards explained the hackers’ accessibility as reaching “god manner,” which authorized them to imposter-tweet from any account they required. Zatko referred to as the incident “the largest hack of a social media platform in history” in a whistleblower complaint submitted with federal regulators in 2022, in which Zatko accused his former employer of cybersecurity failings.
Twitter automobile-replied with a poop emoji in reaction to an emailed request for remark, as it has performed considering the fact that a short time immediately after Elon Musk acquired the organization.
