The US Department of Justice has indicted a suspected Twitter hacker known as “PlugwalkJoe” for stealing cryptocurrency worth US$784,000 using SIM swap attacks.
In SIM swap attacks, threat actors take control of target phone numbers by porting them to a SIM card in their own device. These attacks are usually carried out by using social engineering to impersonate the target, by hacking into the systems of cellular network providers, or by bribing provider employees.
Once the SIM swap is complete, the attackers receive the messages and calls intended for the victims, which allows them to bypass SMS-based multi-factor authentication (MFA), steal user credentials, and take over the victims’ online service accounts.
In the indictment unsealed in the Southern District of New York today, the DOJ alleges that Joseph O’Connor, aka “PlugwalkJoe,” and co-conspirators used SIM swaps to gain access to accounts of a Manhattan-based cryptocurrency company.
Using this access, the alleged hackers stole $784,000 worth of Bitcoin Cash, Litecoin, Ethereum and Bitcoin from wallets that the company managed on behalf of customers.
“Between March 2019 and May 2019, JOSEPH JAMES O’CONNOR, aka ‘PlugwalkJoe,’ the defendant, and his co-conspirators carried out a plot to use SIM swaps to launch cyberattacks to steal approximately $784,000 in value of cryptocurrency from a Manhattan-based cryptocurrency company (‘Company-1’) that has provided wallet infrastructure and associated software for cryptocurrency exchanges around the world at all relevant times,” the unsealed indictment reads.
The stolen cryptocurrency includes 770.784869 bitcoin cash, approximately 6,363.490509 litecoin, approximately 407.396074 ethereum, and approximately 7.456728 bitcoin.
Under this new indictment, the suspect will be charged with conspiracy to commit computer hacking, conspiracy to commit bank transfer fraud, aggravated identity theft, and conspiracy to commit money laundering.
O’Connor was previously charged over his alleged involvement in a massive July 2020 Twitter hack that allowed attackers to hijack accounts and promote a cryptocurrency fraud that stole over $120,000 worth of bitcoin.
The 130 high-profile accounts used in the attack included those of politicians, celebrities and tech executives (@JeffBezos, @BarackObama, @elon_musk, @kanyewest, @JoeBiden, @BillGates and @WarrenBuffet) and corporations (@Apple, @Uber, @coinbase, @Gemini, @binance).
The US government is pursuing the extradition of O’Connor, who is currently in custody in Spain.