Skip to main content

Hacker sent to jail for huge 2020 Twitter breach

A British man who took part in a high-profile Twitter hack in 2020 was handed a five-year jail term by a New York federal court on Friday.

Joseph O’Connor, 24, had pled guilty in May to four counts of computer hacking, wire fraud, and cyberstalking. He was also ordered to pay $794,000, the amount that he nabbed in the crypto crime.

Recommended Videos

O’Connor was one of several men involved in the headline-grabbing ruse two years ago, which targeted more than 130 Twitter accounts, including ones belonging to politicians and celebrities such as Joe Biden, former President Barack Obama, Tesla and SpaceX CEO Elon Musk, Microsoft co-founder Bill Gates, and celebrities Kanye West and Kim Kardashian.

Please enable Javascript to view this content

The hack involved posting a fake tweet (below) to the hijacked accounts that encouraged followers to send payments to a Bitcoin wallet.

Image used with permission by copyright holder

To enable the scam, the perpetrators targeted a number of Twitter employees in a so-called “phone spear phishing attack” that had them believe they were conversing with co-workers when in fact they were not.

Having gained their confidence, the hackers were able to obtain information from the victims that opened up Twitter’s internal tools. They were then able to take over the targeted Twitter accounts and tweet the fake posts.

O’Connor was arrested in Spain in July following a detention request from the U.S. authorities. His capture followed three other arrests in 2020 in connection with the crime, one of whom was given a three-year sentence by a U.S. court in March 2021.

In a widely reported statement, U.S. Assistant Attorney-General Kenneth Polite Jr. described O’Connor’s actions as “flagrant and malicious,” adding that he had “harassed, threatened, and extorted his victims, causing substantial emotional harm.”

The U.S. Department of Justice also revealed that O’Connor had admitted to other hacking crimes, including gaining access to a high-profile TikTok account and stalking a minor, the BBC reported.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more
Hackers may have stolen the master key to another password manager
Open padlock cybersecurity

The best password managers are meant to keep all your logins and credit card info safe and secure, but a major new vulnerability has just put users of the KeePass password manager at serious risk of being breached.

In fact, the exploit allows an attacker to steal a KeePass user’s master password in plain text -- in other words, in an unencrypted form -- simply by extracting it from the target computer’s memory. It’s a remarkably simple hack, yet one that could have worrying implications.

Read more
Hackers are using a devious new trick to infect your devices
A person using a laptop with a set of code seen on the display.

Hackers have long used lookalike domain names to trick people into visiting malicious websites, but now the threat posed by this tactic could be about to ramp up significantly. That’s because two new domain name extensions have been approved which could lead to an epidemic of phishing attempts.

The two new top-level domains (TLDs) that are causing such consternation are the .zip and .mov extensions. They’ve just been introduced by Google alongside the .dad, .esq, .prof, .phd, .nexus, .foo names.

Read more