Arrested in southern Spain, the 22-year-old is facing charges for a dozen or so offences. Some 130 Twitter accounts were used to request bitcoins, raising $117,000.
Spain’s National Police arrested a UK national in Estepona (Málaga province) on suspicion of having hacked as many as 130 Twitter accounts belonging to high-profile figures and companies in order to commit fraud.
Hacked Biden, Obama, Kim Kardashian and more
The 22-year-old allegedly took control of profiles on Twitter including those of Barack Obama, Joe Biden, Kanye West, Kim Kardashian, Elon Musk and Bill Gates. They didn’t stop at individuals, hacking firms such as Apple and Uber.
Messages posted on the profiles encouraged followers to send bitcoins to an account. The message promised double the amount would be returned. “If you send a $1,000 I’ll return $2,000,” read the messages, which managed to raise $117,000 (€99,000).
The police operation, known as Portland, was carried out by the National Police’s cybercrimes unit in conjunction with the Federal Bureau of Investigation (FBI) in the United States. It began in April 2020, when the US warned the Spanish police the suspect could be in Spanish territory.
Charges include cyberstalking and making extortive communications
The investigation led police to the Costa del Sol, where the man, Joseph James O’Connor, was detained. The US Department of Justice said the UK national has been charged by criminal complaint filed in California.
The charges include three counts of conspiracy to intentionally access a computer without authorisation and obtaining information from a protected computer. In addition, he faces one count of making extortive communications; one count of making threatening communications, and two counts of cyberstalking.
O’Connor is also accused of hacking accounts on other social networks, such as TikTok and Snapchat.
Twitter confirmed hack
Twitter sent out a message at the time confirming the hack. “We are aware of a security incident that is affecting Twitter accounts. We are investigating and taking action to resolve it,” the statement read.
The following day, they sent an update confirming the incident was a “coordinated social-engineering attack” and that hackers had accessed the accounts via staff “with access to internal systems and tools.”
The operation included authorities from the US, UK and Spain where the arrest was finally made.