2020 Twitter Hacker Extradited to US, Pleads Guilty to Wire Fraud

Joseph James O’Connor, or PlugwalkJoe, has been charged with stealing over $794,000 worth of crypto

article-image

TY Lim/Shutterstock modified by Blockworks

share

One of the people involved in the 2020 Twitter hack that targeted President Obama, Elon Musk, and other high profile accounts has been extradited from the UK to the US. He pleaded guilty to wire fraud and money laundering, among other charges.

The Southern District of New York is accusing Joseph James O’Connor, whose handle was “PlugwalkJoe,” of stealing and laundering approximately $794,000 worth of cryptocurrency from an unnamed Manhattan-based crypto company. 

This scheme, which involved a SIM card swap hack of one of the company’s executives, took place between approximately March 2019 and May 2019, according to a Justice Department press release. After that, O’Connor and his co-conspirators initiated dozens of transfers to launder the stolen crypto, which included approximately 770 bitcoin cash (BCH), 6,363 litecoin (LTC), 407 ether (ETH) and 7 bitcoin (BTC), according to the November 2021 indictment

Following the theft of the funds, the next phase of the scam was to gain access to various high profile Twitter accounts. According to prosecutors, O’Connor and some of his co-conspirators took control of accounts themselves and tried to defraud other Twitter users.

These allegations seem to line up with the many fraudulent bitcoin scam tweets that popped up on the platform on July 15, 2020.

Then-presidential candidate Joe Biden was targeted, his account dubiously tweeting, “I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes.”

Apple, CashApp, Kim Kardashian and other accounts with huge followings sent out similar tweets promising an easy pay day if users sent their bitcoin to the listed wallet address. 

Industry players in the crypto space were targeted as well in the July 15 hack, CoinTelegraph reported. At the time, Binance CEO Changpeng Zhao told users not to click on a trap link on Binance’s main Twitter account. Gemini, Coinbase, CoinDesk, Kucoin and @Bitcoin were also compromised. 

O’Connor is set to be sentenced on June 23 and, with his guilty plea, he agreed to forfeit the entire sum of money that was stolen. 

The district attorney’s office for the Southern District of New York didn’t immediately return a request for comment.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates (2).png

Research

We’re bullish on the PUMP token. We believe Pump.fun's brand strength, existing integrations, product roadmap, and strategic levers justify PUMP's TGE valuation, and expect the token to re-rate meaningfully higher in the months ahead.

article-image

Big blockers wasted a bitcoin fortune trying to prove a point

article-image

Coinbase’s newest acquisition includes the CEO and Head of Research from Opyn

article-image

Crypto’s highest purpose might be to make markets better by making them bigger

article-image

The non-profit’s “Project Open” seeks to let stocks trade directly on Solana

article-image

The acquisition is Pump.fun’s first, and comes just days before its planned ICO

article-image

As Trump’s tariff war reignites, everyone is assuming the dollar will continue its path lower. But the journey might be bumpy