Hacker answerable for 2020 Twitter breach sentenced to jail

Hacker answerable for 2020 Twitter breach sentenced to jail

[ad_1]

Three years after one of the vital seen hacks in latest historical past performed out in real-time in entrance of tens of millions of Twitter customers, one of many hackers answerable for the breach will now serve time in federal jail.

Joseph James O’Connor, 24, was sentenced Friday in a New York federal courtroom to 5 years in jail after pleading responsible in Could to 4 counts of pc hacking, wire fraud and cyberstalking. O’Connor additionally agreed to forfeit at the least $794,000 to the victims of his crimes.

O’Connor, a U.Okay. citizen, was extradited from Spain on the request of U.S. prosecutors earlier this 12 months and has remained in custody since.

Within the listening to, Choose Jed S. Rakoff stated O’Connor will seemingly serve about half of his sentence after spending greater than two years in pre-trial custody.

O’Connor confronted a most of 77 years in jail, in line with Reuters. Justice Division prosecutors referred to as for O’Connor to serve at the least seven years in jail.

In courtroom, O’Connor stated his crimes had been “silly and pointless,” apologized to his victims, and requested the decide for leniency.

In keeping with prosecutors, O’Connor “used his refined technological skills for malicious functions — conducting a posh SIM swap assault to steal massive quantities of cryptocurrency, hacking Twitter, conducting pc intrusions to take over social media accounts, and even cyberstalking two victims, together with a minor sufferer.”

The federal government stated O’Connor, recognized by his on-line deal with PlugWalkJoe, was a part of a bunch that broke into dozens of high-profile Twitter accounts, together with Apple, Binance, Invoice Gates, Joe Biden and Elon Musk, to unfold cryptocurrency get-rich-quick scams in July 2020.

O’Connor used phone-based social engineering methods to trick Twitter staff into granting the group of hackers entry to Twitter’s community. One of many different hackers convicted of the Twitter breach, Graham Ivan Clark, also called Kirk, used the entry to Twitter’s community to abuse an inside admin device to hijack and reassign Twitter consumer accounts.

A screenshot of the Twitter admin panel that the hackers breached in order to reassign access to Twitter user accounts.

A screenshot of the Twitter admin panel that the hackers breached with a view to reassign entry to Twitter consumer accounts. Picture Credit: TechCrunch (equipped)

Twitter quickly blocked customers from posting to the location because it grappled with the intrusion, as tens of millions of customers watched in actual time as their timelines flooded with cryptocurrency scams from a few of the most recognizable names on the planet.

A subsequent investigation by New York’s Division of Monetary Providers, which accused Twitter of insufficient cybersecurity protections, discovered that the hackers broke in by “calling Twitter staff and claiming to be from Twitter’s IT division,” then hijacked the Twitter accounts of politicians, celebrities, and entrepreneurs to tweet “double your bitcoin” scams.

The rip-off netted about $120,000, in line with public blockchain information.

Several screenshots showing the tweets that were published during the Twitter 2020 hack

A number of of the tweets that had been printed through the 2020 Twitter hack. Picture Credit: TechCrunch

The breach prompted Twitter to enhance its cybersecurity controls, introducing {hardware} safety keys for its staff to forestall future phishing makes an attempt.

Two years on from the hack, extra explosive allegations concerning the breach got here to gentle.

Peiter “Mudge” Zatko, who was employed as Twitter’s head of safety months after the breach, later described the hackers’ entry as reaching “god mode,” which allowed them to imposter-tweet from any account they needed. Zatko referred to as the incident “the most important hack of a social media platform in historical past” in a whistleblower criticism filed with federal regulators in 2022, by which Zatko accused his former employer of cybersecurity failings.

Twitter auto-replied with a poop emoji in response to an emailed request for remark, because it has finished since a short while after Elon Musk acquired the corporate.

[ad_2]
admin
Author: admin

Leave a Reply