Sooner or later after final summer time’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been concerned within the incident. When the U.S. Justice Division final week introduced O’Connor’s arrest and indictment, his alleged function within the Twitter compromise was effectively coated within the media.
However many of the protection appears to have missed the much more sinister prison expenses within the indictment, which contain an underground scene whereby younger males flip to extortion, sextortion, SIM swapping, dying threats and bodily assaults — all in a frenzied effort to grab management over social media accounts.
Skim the federal government’s indictment and also you would possibly overlook a footnote on Web page 4 that claims O’Connor is a part of a bunch that had precisely zero reservations about utilizing their playbook of harassment ways in opposition to regulation enforcement brokers who have been already investigating their alleged crimes.
“O’Connor has doubtlessly been linked to extra prior swatting incidents and probably (though not confirmed and at the moment nonetheless beneath investigation) the swatting of a U.S. regulation enforcement officer,” the footnote reads.
Swatting entails making a false report back to authorities in a goal’s title with the intention of sending a closely armed police drive to that individual’s tackle. It’s a doubtlessly lethal hoax: Earlier this month, a Tennessee man was sentenced to 60 months in jail for setting in movement a swatting assault that led to the death of a 60-year-old grandfather.
As for the precise prison expenses, O’Connor faces ten counts, together with conspiracy, laptop intrusion, extortive communications, stalking and threatening communications.
All of these come into play within the case of the Snapchat account of actor Bella Thorne, who was allegedly focused by PlugwalkJoe and associates in June 2019.
Investigators say O’Connor was concerned in a “SIM swap” in opposition to Thorne’s cell phone quantity. Unauthorized SIM swapping is a scheme through which fraudsters trick or bribe workers at wi-fi telephone firms into redirecting the goal’s textual content messages and telephone calls to a tool they management. From there, the attackers can reset the password for any on-line account that enables password resets by way of SMS.
On this case, the SIM swap was completed to wrest management over Thorne’s Snapchat account. As soon as inside, the attackers discovered nude photographs of Thorne, which they then threatened to launch until she agreed to submit on social media thanking the hackers utilizing their on-line handles.
The intruders posted on Thorne’s Snapchat, “Will drop nudes if 5000 of you observe @PlugwalkJoe.” Thorne advised the feds her telephone misplaced service shortly earlier than her account was hijacked. Investigators later discovered the identical Web tackle used to entry Thorne’s Snapchat account additionally was used minutes later to entry “@Joe” on Instagram, which O’Connor has claimed publicly.
On June 15, 2019, Thorne posted on Twitter that she’d been “threatened with my very own nudes,” and posted screenshots of the textual content message with the person who had extorted him/her. Thorne stated she was releasing the pictures in order that the person wouldn’t be capable to “take one more factor from me.”
The indictment alleges O’Connor additionally swatted and cyberstalked a 16-year-old woman, sending her nude photographs and threatening to rape and/or homicide her and her household.
Social media persona Addison Rae had 55 million followers when her TikTok account obtained hacked final August. I noted on Twitter on the time that PlugWalkJoe had left his calling card but once more. The indictment alleges O’Connor additionally was concerned in a SIM-swap in opposition to Rae’s cellular quantity.
Prosecutors consider that roughly per week after the Twitter hack O’Connor referred to as in bomb threats and swatting assaults focusing on a highschool and an airport in California. They’re assured it was O’Connor making the swatting and bomb menace calls as a result of his voice is on file in a name he made to federal investigators, in addition to to an inmate arrested for SIM swapping.
Curiously disregarded of the media protection of O’Connor’s alleged crimes is that PlugwalkJoe seems to have admitted in a telephone name with the FBI to being a part of a prison conspiracy. Within the days following the Twitter mass-hack, O’Connor was quoted in The New York Occasions denying any involvement within the Twitter bitcoin rip-off. “I don’t care,” O’Connor advised The Occasions. “They’ll come arrest me. I might snort at them. I haven’t completed something.”
Talking with KrebsOnSecurity by way of Instagram prompt message simply days after the Twitter hack, O’Connor demanded that his title be saved out of future weblog posts right here. After he was advised that couldn’t be promised, he talked about that some folks in his circle of associates had been identified to rent others to ship bodily beatings on folks they didn’t like. In almost the identical breath, O’Connor stated he was open to speaking to federal investigators and telling his aspect of the story.
Based on the indictment, per week after the Twitter hack a person figuring out himself as O’Connor referred to as federal investigators in Northern California. Particularly, the decision went to the REACT Activity Pressure. REACT is a crew of regulation enforcement officers and prosecutors based mostly in Santa Clara, Calif. that’s focused on catching criminal SIM swappers, and by this level REACT already had loads of audio from telephone calls traced again to O’Connor through which he allegedly participated in a SIM swapping or swatting assault.
“REACT started receiving suggestions in 2018 concerning criminal activity of a person utilizing the net moniker ‘PlugwalkJoe,’ purportedly recognized as O’Connor from the UK,” the indictment states.
Prosecutors redacted the title of the regulation enforcement officer who allegedly was swatted by PlugwalkJoe, referring to him solely as “C.T.,” a prison investigator for the Santa Clara District Legal professional and a REACT Activity Pressure member.
FBI brokers referred to as O’Connor again on the quantity he left. O’Connor advised the FBI that on the afternoon of July 15, 2020 he’d been in touch with different associates who have been in communications with the alleged mastermind of the Twitter bitcoin rip-off. These intermediaries labored immediately with Graham Clark, then 17, who pleaded responsible to fraud expenses final summer time in reference to the Twitter hack and agreed to serve three years in jail adopted by three years of probation.
The indictment says O’Connor advised the feds he solely needed his associates to relay his need for Clark to safe a number of completely different quick Twitter usernames that belonged to different folks, accounts that have been to be later bought for a revenue. The opposite associates who allegedly helped PlugwalkJoe work together with Clark additionally have since been charged in connection with the Twitter hack.
A duplicate of the indictment is here (PDF).