Rafael Henrique | LightRocket | Getty Images
A Briton was arrested Wednesday in Spain in connection with the 2020 hacking of Twitter accounts belonging to Apple, President Joe Biden, former President Barack Obama, Tesla Chief Elon Musk, Warren Buffett, Microsoft founder Bill Gates and over 100 others to defraud their bitcoin followers, the Justice Department has said.
Joseph O’Connor was arrested in Estepona by the Spanish National Police at the request of the US authorities, who will now request his extradition, authorities said.
O “Connor, 22, is indicted in a criminal complaint in federal court in California on charges relating to the unlawful compromise of more than 130 Twitter accounts in the July 15, 2020 hack.
Three other people had already been charged in connection with the hacking, including a 17-year-old in Florida who was the alleged “mastermind” of the attack. A prosecutor said last year that the scam brought in more than $ 100,000 worth of bitcoin.
O’Connor is also charged with cyberstalking a minor victim and hacking into TikTok and Snapchat user accounts.
Victims of the Twitter account included Amazon founder Jeff Bezos, reality TV superstar Kim Kardashian, former New York City mayor Mike Bloomberg, musicians Kanye West and Wiz Khalifa, corporate account Cash App and Uber’s corporate account. The bitcoin-related tweet was Apple’s very first tweet, although the account has placed ads in the past.
During the hacks, messages saying “I give back to my community” or some variation were posted by the accounts.
The post urged account subscribers to send bitcoin to an address, claiming that subscribers would then be refunded double the amount they sent.
Rachel Tobac, CEO of cybersecurity firm SocialProof Security, told NBC News at the time that the attack was possibly the biggest Twitter had ever seen.
“We are lucky that the attackers are going after bitcoin (money driven) and not chaos and destruction,” Tobac said.
Twitter said last year, “The social engineering that occurred on July 15, 2020 targeted a small number of employees through a phone spear phishing attack.”
“A successful attack forced the attackers to access both our internal network as well as specific employee credentials that gave them access to our internal support tools,” Twitter said.
“Not all employees initially targeted were permitted to use account management tools, but attackers used their credentials to gain access to our internal systems and gain insight into our processes.”
Authorities have said that O’Connor is charged with three counts of conspiring to intentionally gain unauthorized access to a computer and obtain information from a protected computer; two counts of intentionally accessing a computer without authorization and obtaining information from a protected computer; and a conspiracy to intentionally gain access to a computer without authorization and with the intention of extorting something of value from a person, by transmitting a communication containing a threat.
He is also charged with one count of improper communication; one count of threatening communication; and two counts of cyberstalking.