In July 2020, the digital world held its breath as one of social media’s biggest security breaches unfolded in real time.

Joseph James O’Connor, a Liverpool-born hacker operating under the alias “PlugwalkJoe,” orchestrated a stunning attack on Twitter that compromised more than 130 high-profile accounts in a matter of minutes.

The targets read like a who’s who of global power and influence: Barack Obama, Joe Biden, Elon Musk, Bill Gates, Jeff Bezos, and even Apple and Uber.

Using nothing more than social engineering and a fake Bitcoin giveaway, O’Connor and his co-conspirators managed to dupe thousands of unsuspecting Twitter users into sending cryptocurrency to wallets they controlled.

The scam was remarkably simple yet devastatingly effective. The fake tweets promised to double any Bitcoin sent to specific addresses, framed as charity or COVID-19 relief efforts.

Within hours, the hackers had stolen roughly $794,000 in cryptocurrency before Twitter managed to regain control of the accounts.

Now, five years later, UK authorities are making sure O’Connor pays the price in more ways than one.

How a social engineer outsmarted Twitter’s defenses

The 2020 Twitter hack exposed a flaw almost no one knew existed back then: around 1,500 Twitter employees and partners had access to powerful internal tools.

O’Connor and his crew didn’t break in using elite hacking tricks or cutting-edge exploits. They just used good old-fashioned social engineering, basically, talking their way past Twitter’s defenses.

They called a handful of Twitter employees, told a convincing story, and got them to hand over internal login credentials. That was all they needed.

With those credentials, the group suddenly had access to Twitter’s admin dashboard, pretty much the master control panel. Once inside, things like resetting passwords or bypassing two-factor authentication were effortless.

At that point, they could simply swap out email addresses tied to high-profile accounts and trigger password resets. That gave them full control of some of the most influential accounts on the planet.

O’Connor was later arrested in Spain in July 2021 and extradited to the US. He pleaded guilty to several charges, including computer intrusion, wire fraud, extortion, and money laundering.

By June 2023, he was sentenced to five years in federal prison.

But his punishment didn’t stop with prison time. The UK’s Crown Prosecution Service recently secured a civil recovery order forcing him to hand over 42 Bitcoin and other crypto assets, worth about £4.1 million (roughly $5.4 million).

A court-appointed trustee will now sell off those assets, making sure O’Connor doesn’t walk away with a single pound from what he stole.

A global message: Cybercriminals can’t hide

What really stands out in this case is what it says about how countries are now working together to crack down on cybercrime.

O’Connor wasn’t even convicted in the UK; the crimes and charges were all handled in the United States. But British authorities were still able to go after his assets using their civil recovery powers.

This case shows just how closely different countries are working together to track digital criminals, especially those moving money through cryptocurrency.

The UK teamed up with American and Spanish investigators to stop O’Connor from shifting or hiding his crypto before the court order came through.

It’s one of the biggest crypto-related seizures in UK cybercrime history, and it sends a pretty clear message: the era of pulling off multimillion-dollar online scams and walking away untouched is disappearing fast.

Law enforcement across borders is getting smarter, more connected, and far more aggressive in following the money, no matter where it travels.

The post British hacker who hit Obama and Musk’s Twitter accounts told to repay $5.4M in Bitcoin appeared first on Invezz