Joseph James “PlugwalkJoe” O’Connor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But O’Connor also pleaded guilty in a separate investigation involving a years-long spree of cyberstalking and cryptocurrency theft enabled by “SIM swapping,” a crime wherein fraudsters trick a mobile provider into diverting a customer’s phone calls and text messages to a device they control.
Three men in the United Kingdom were arrested this month after police responding to an attempted break-in at a residence stopped their car as they fled the scene. The authorities found weapons and a police uniform in the trunk, and say the trio intended to assault a local man and force him to hand over virtual currencies.
One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. When the Justice Department last week announced O’Connor’s arrest and indictment, his alleged role in the Twitter compromise was well covered in the media.
But most of the coverage so far seem to have overlooked the far more sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks — all in a bid to seize control over highly-prized social media accounts.
Twitter was thrown into chaos on Wednesday after accounts for some of the world’s most recognizable public figures, executives and celebrities starting tweeting out links to bitcoin scams. Twitter says the attack happened because someone tricked or coerced an employee into providing access to internal Twitter administrative tools. This post is an attempt to lay out some of the timeline of this attack, and point to clues about who may have been behind it.