Joseph O’Connor, known in some corners of the internet as PlugWalkJoe, was indicted on an array of charges relating to a May 2019 cryptocurrency exchange hack. During the attack, he is alleged to have absconded with digital assets valued at approximately $784,000.
In the criminal scheme, authorities believe O’Connor utilized SIM swap attacks (an artifice of fraud where 2FA phone calls and text messages are rerouted to a device controlled by the scammer) on three separate executives at an undisclosed cryptocurrency company to take control of their employers’ systems. O’Connor may have then diverted over 7 BTC, 407 ETH, 6363 LTC and 770 BCH from wallets maintained by the corporation on behalf of their users to wallets under his own control.
The indictment was brought by the US Attorney’s office in the Southern District of New York, which is well known for its prosecution of high-profile financial crimes. The case is assigned to Judge Richard Berman and was investigated by the FBI. O’Connor is specifically charged with conspiracy to commit computer hacking, conspiracy to commit wire fraud, conspiracy to commit money laundering and aggravated identity theft. The identity theft count carries a mandatory minimum of two years in prison to be served consecutive to any other sentence imposed.
O’Connor is currently fighting extradition to the United States from Spain, where he was arrested in July on charges brought in the Northern District of California related to the 2020 Twitter hack in which he is alleged to have gained control of 130 separate prominent Twitter accounts — including those of Barack Obama, Elon Musk, Apple and Kanye West. The guilty parties used these accounts to promote a cryptocurrency scam before making off with about $110,000 in ill-gotten gains.