A British hacker who stole the accounts of celebrities like Elon Musk has been arrested and ordered by the court to repay £4 million in Crypto Assets.

In 2020, a large-scale incident occurred on platform X where numerous celebrity accounts were hacked, leading to the theft of Crypto Assets, shocking the global technology and political circles. The platform, then still known as Twitter, suddenly saw a surge of bizarre messages impersonating celebrities. From former U.S. President Barack Obama to TSL CEO Elon Musk, and even official accounts of companies like Apple and Uber, all posted messages inviting fans to transfer Bitcoin in exchange for double rewards. These absurd posts attracted thousands of users who believed them and made remittances in a short period. The mastermind behind this incident was Joseph James O'Connor, a 26-year-old from Liverpool, England. He has now been arrested and imprisoned, and the British court has ordered him to compensate the victims with approximately £4 million worth of Bitcoin.

Deceived X employee credentials and stole Bitcoin using social engineering tactics.

O'Connor operated online under the name PlugwalkJoe, and he and a group of young accomplices successfully tricked multiple Twitter employees into providing their login credentials using social engineering tactics. After gaining access to the backend, they were able to enter the internal control panel that only a select few could operate on the X platform and directly reset celebrities' account passwords to send tweets. In just two days, this group of hackers manipulated over 130 accounts, with 45 accounts being used to publish scam messages. At that time, more than 350 million users worldwide may have seen these posts, with many mistakenly believing that celebrities were promoting some form of charitable feedback program, thus falling into the trap.

Using online gaming to gather friends and commit fraud

Joseph James O'Connor committed his crimes during the period when he was active on Twitter, with a total of 426 transfers into a wallet designated by the hacker, accumulating over 12.8 Bitcoins. Based on the price at that time, this amounts to around $110,000, but its current value exceeds $1.2 million. However, after the U.S. investigation agency traced O'Connor's assets, it was found that this hacker's earnings extend far beyond this celebrity scam. After meeting with other teenagers in the online game “Call of Duty,” they formed a hacking group that continued to launch attacks on multiple targets, both extorting and stealing Crypto Assets. The UK Crown Prosecution Service indicated that the investigation team traced more illegal proceeds in his electronic wallet, resulting in the seizure of a total of 42 Bitcoins and other digital currencies, valued at approximately £4.1 million, equivalent to about $5.4 million.

After the incident, O'Connor fled to Spain where his mother lived, but he was arrested by the Spanish police in 2021. The Spanish Supreme Court later ruled that since the victim and key evidence were all in the United States, the U.S. Department of Justice had the best jurisdiction to handle the case, and O'Connor was extradited to the United States. In 2023, he pleaded guilty in a U.S. court to charges of computer intrusion, telecommunications fraud, and extortion, and was sentenced to five years in prison.

The court ruled to confiscate £4 million worth of Crypto Assets for compensation.

Although O'Connor has not been tried criminally in the UK, the UK's Crown Prosecution Service has still made a claim for the recovery of his Crypto Assets through civil recovery procedures. Prosecutor Adrian Foster emphasized that the purpose of the judicial system is not only to punish but also to prevent criminals from profiting and to restore the victims' losses. He stated that even if the individual does not have a criminal conviction in the UK, authorities still have an obligation to ensure that the hacker cannot benefit from illegal gains. The court officially assessed O'Connor's assets last week to be valued at approximately £4.1 million, and these assets will be fully confiscated to compensate the victims.

This incident not only exposed the security vulnerabilities of large community platforms but also highlighted the threat of social engineering to internal management within companies. The hackers did not breach technical defenses; instead, they exploited human weaknesses, leading employees to mistakenly share permissions, ultimately resulting in one of the most severe security disasters in the platform's history. X (Twitter) was forced to urgently freeze multiple accounts to prevent high-risk users from being manipulated again. Subsequently, the company's internal review report pointed out that backend permission management was overly centralized, employee education was insufficient, and the multi-factor authentication measures were not strict enough, allowing attackers to easily gain access.

This case has prompted major global technology companies to strengthen their internal personnel access management and reevaluate their defenses against social engineering attacks.

This article regarding the arrest of a UK hacker who impersonated celebrities such as Musk, and the court's order to repay £4 million in Crypto Assets, first appeared on Chain News ABMedia.