Joseph O’Connor, a 22-year-old UK citizen who goes by the handle “PlugWalkJoe,” was arrested in Spain on Wednesday for his connection to the 2020 Twitter hack that compromised the accounts of former President Barack Obama and Elon Musk, and ran off with over $100,000 in Bitcoin. In a press release announcing the arrest, the US Justice Department writes that O’Connor is also being charged with “computer intrusions related to takeovers of TikTok and Snapchat user accounts.”
O’Connor was arrested on multiple counts of conspiring to and illegally accessing computers without authorization, and “with the intent to extort from a person a thing of value, transmitting a communication containing a threat,” among several other charges, the Justice Department writes. According to Krebs on Security, O’Connor was a well-known sim-swapper, a method of hijacking valuable social media accounts by manipulating cellular network employees to duplicate phone numbers so hackers can intercept two-factor authorization requests.
“They can come arrest me. I would laugh at them. I haven’t done anything.”
In an interview for The New York Times conducted with several of the hackers associated with the Twitter breach, O’Connor openly identified himself as “PlugWalkJoe” and confirmed that the hackers had obtained Twitter credentials to take over the accounts via an internal company Slack. At the time, O’Connor was fairly bullish about his involvement and apparent safety, “They can come arrest me. I would laugh at them. I haven’t done anything,” he told the Times.
Today’s arrest is just the latest in the fallout from the breach. Graham Ivan Clark, the “teenage mastermind” of the entire plan, was arrested alongside Nima “Rolex” Fazeli and Mason “Chaewon” Sheppard in July last year. Clark has since been sentenced to three years in prison for his role in the hack.