A notorious cybercriminal involved in the Twitter hack of July 2020 has finally been sentenced to five years in prison. Joseph O’Connor, who was 21 at the time of the crime, evaded US authorities for a year before his arrest in Spain in July 2021. O’Connor was recently extradited to the US, pleaded guilty in May 2023, and received his sentencing last week.
The Twitter hack in question involved a small group of cybercriminals gaining control of several high-profile Twitter accounts. The hackers used these accounts to promote a cryptocurrency fraud scheme, tricking people into sending investments to users they believed to be influential figures such as Bill Gates, Elon Musk, and Warren Buffett. The list of compromised accounts also included Joe Biden, Barack Obama, Jeff Bezos, Mike Bloomberg, Benjamin Netanyahu, Kim Kardashian, and even Apple.
However, the Twitter hack was not the only crime O’Connor was convicted of. He was also found guilty of using a SIM-swap trick to steal approximately $794,000 in cryptocurrency. SIM swaps occur when a criminal convinces a mobile phone provider to issue them a replacement SIM card for someone else’s number. By taking over the SIM cards of three staff members at a cryptocurrency company, O’Connor and his associates were able to drain nearly $800,000 from corporate wallets.
In addition to the SIM-swap fraud, O’Connor used a similar trick to take control of two celebrity TikTok accounts and threatened the account holders. He publicly stated that he would release sensitive and personal material unless the victims agreed to post messages promoting his online persona. O’Connor also engaged in stalking and threatening a minor, making false calls to law enforcement claiming that the victim planned to harm others and even going as far as threatening to kill the victim’s family members.
As a result of these multiple offenses, O’Connor was convicted of conspiracy to commit computer intrusions, conspiracy to commit wire fraud, conspiracy to commit money laundering, making extortionate communications, stalking, and making threatening communications. In addition to his prison sentence, O’Connor will also serve three years of supervised release and must pay over $794,000 in forfeiture.
SIM swap fraud is a challenging crime to protect against, as the decision to issue a replacement SIM card lies with the mobile phone company. However, there are measures individuals can take to enhance their security. For instance, consider switching from SMS-based two-factor authentication (2FA) to app-based 2FA, which generates codes on your phone without relying on a SIM card or network connection. Additionally, using a password manager can help prevent hackers from accessing accounts even if they successfully perform a SIM swap. It’s also important to be vigilant if your phone suddenly loses connection, as this could be a sign of a SIM swap. Contacting your phone company and visiting a store in person can help clarify if your account has been compromised.
While the sentencing of O’Connor brings some closure to the Twitter hack and related crimes, it serves as a reminder of the continuous need for strong cybersecurity measures. As technology advances, so do the tactics used by cybercriminals, making it crucial for individuals and organizations to stay vigilant and take proactive steps to protect their online presence.