O’Connor, going by his hacker name “PlugWalkJoe”, was also reportedly involved in Twitter account hacks that happened last year, of famous personalities leading to a cryptocurrency scam.
Using SIM Swapping For Hacking Accounts
SIM swapping is a widely used social engineering technique, where threat actors bribe or make telecom operators swap a targeted phone number to their own SIM. Thereby, they receive all the two-factor authentication codes, messages, and other critical communication of their targets. This is helpful for accessing the online accounts of their target, and stealing associated funds, or performing impersonation attacks. This popular technique is used by Joseph O’Connor, a perpetrator who hacked the Twitter account of a cryptocurrency company and stole funds worth over $784,000 in 2019. He was charged by the US Department of Justice, on the name of “PlugWalkJoe“, whose indictment was unsealed today in the Southern District of New York. In this case, O’Connor was accused of hacking the Twitter account of a Manhattan-based cryptocurrency company through a SIM swapping attack. With that access, he stole funds worth $784,000 in various cryptocurrency means, viz Bitcoin Cash, Litecoin, Ethereum, and Bitcoin from wallets managed by the company on behalf of its clients. In a detailed note, O’Connor in between March and May 2019, stole 7.456728 Bitcoin, 770.784869 Bitcoin cash, 6,363.490509 Litecoin, and 407.396074 Ethereum. Thus, he was now charged with various counts like computer hacking, conspiracy to commit wire fraud, aggravated identity theft, and conspiracy to commit money laundering. O’Connor was also reportedly involved in last year’s Twitter hack of famous personalities, where the threat group stole funds over $120,000 in a cryptocurrency scam. Now, the US government is trying to extradite O’Connor, who is currently in the custody of the Spain government.