Flagrant Malfeasance
  • Blog
    • Blatant Theft
    • Collusion
    • Corruption
    • Cybersecurity
    • Education
    • Hollywood
    • Linux
    • OSINT
    • Trump
  • Our Foundation
    • Declaration of Independence
    • United States Constitution
    • Bill of Rights
    • Gettysburg Address
    • Emancipation Proclamation
Select Page

“PlugWalkJoe” indicted for $784K SIM swap cryptocurrency theft

by Graham Cluley | Nov 4, 2021 | Cybersecurity

The U.S. Department of Justice charged a British man for his alleged role in stealing $784,000 worth of cryptocurrency using SIM swap attacks.

According to the unsealed indictment, Joseph James O’Connor – also known as “PlugWalkJoe” – conspired with others to steal approximately $784,000 worth of cryptocurrency from a Manhattan-based cryptocurrency company.

It’s alleged that O’Connor, who is in his early twenties, perpetrated a scheme with unnamed co-conspirators to hijack control of three phone numbers belonging to executives of the targeted firm.

O’Connor and his associates are accused of pulling off a SIM-swap attack, which typically see fraudsters successfully dupe a cellphone provider’s customer support into giving them control of someone else’s phone number.

If a SIM-swap attack is successful, a fraudster will not just receive phone calls intended for their victim. They may also receive one-time passwords and 2FA codes used by some online services to authenticate whether a user is allowed to log into a system or not.

The Justice Department claims that after a successful SIM-swap attack, O’Connor and others managed to gain unauthorized access to staff accounts at the company and its computer systems.

On or about May 1, 2019, it is alleged that O’Connor and his cohorts then diverted the cryptocurrency held by the targeted company on behalf of two of its clients into cryptocurrency wallets under their own control.

The group allegedly stole a total of 770.784869 Bitcoin cash, 6,363.490509 Litecoin, 407.396074 Ethereum, and 7.456728 Bitcoin.

If the name “PlugWalkJoe” is familiar to you, then that may be because O’Connor was arrested earlier this year in relation to July 2020’s huge hack of celebrity Twitter accounts, a scheme which attempted to trick followers of the likes of Joe Biden, Kanye West, and Elon Musk into falling for a cryptocurrency scam.

Some screenshots of the cryptocurrency scam

In the aftermath of that high profile security breach, O’Connor showed a surprising willingness to confirm that he was “PlugWalkJoe,” telling the New York Times in July 2020 that he was not worried about police investigating his activities:

“I don’t care. They can come arrest me. I would laugh at them. I haven’t done anything.”

A selfie of Joseph James O'Connor, aka "PlugWalkJoe"

O’Connor is currently awaiting extradition from Spain, where he was apprehended earlier this year. He could face a lengthy prison sentence if convicted of the various criminal charges brought against him.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Recent Posts

  • Ukrainian revenge that was served “very cold” PHOTO
  • Monitoring Threats on Social Media Platforms
  • ’10 Macbooks’ Twitter hack update: Not even Smash Mouth is safe
  • CompTIA Security+ SY0-601
  • Russia Sends Cyber Weapons To Iran After Tehran Provided Drones For Ukraine War: WSJ

Archives

  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • December 2017
  • July 2017
  • June 2017
  • May 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • November 2015

Categories

  • Blatant Theft
  • Collusion
  • Corruption
  • Cybersecurity
  • Education
  • Hollywood
  • Linux
  • OSINT
  • Trump
  • Uncategorized
  • White House
© 2021, Flagrant Malfeasance. All Rights Reserved.