Article Details

UK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit. Civil recovery order targets PlugwalkJoe's illicit gains while he serves US sentence. British prosecutors have secured a civil recovery order to seize crypto assets worth £4.11 million ($5.39 million) from Twitter hacker Joseph James O'Connor, clawing back the proceeds of a scam that used hijacked celebrity accounts to solicit digital currency and threaten high-profile individuals. O'Connor, now 26, is already serving a five-year sentence in the US after pleading guilty in 2023 to conspiracy to commit computer intrusions, wire fraud, and money laundering for his role in the July 2020 breach that compromised accounts belonging to the likes of Barack Obama, Bill Gates, and Jeff Bezos. The group behind the intrusion used SIM-swapping and social engineering techniques to access internal Twitter tools, then pushed bogus messages urging followers to send Bitcoin to attacker-controlled wallets – a ruse that netted more than $100,000 in a matter of hours. The British Crown Prosecution Service (CPS) said on Monday that its financial recovery action, granted on November 14, covers assets including 42.378 BTC, Ethereum, and various dollar-pegged stablecoins, collectively valued at around £4.11 million as of November 10. The order falls under civil proceeds-of-crime legislation, which allows UK authorities to seize illicit gains even when the underlying conviction took place abroad. Adrian Foster, chief crown prosecutor for the CPS Proceeds of Crime Division, said the case demonstrates that cybercriminals cannot insulate themselves by committing offenses outside the UK. "Joseph James O'Connor targeted well-known individuals and used their accounts to scam people out of their crypto assets and money," he said. "We were able to use the full force of the powers available to us to ensure that even when someone is not convicted in the UK, we are still able to ensure they do not benefit from their criminality." O'Connor's activities extended beyond the Bitcoin scam. Court documents previously detailed how he and accomplices accessed private messages, extorted victims, and targeted celebrities with threats – all enabled by the compromised Twitter admin tools. His guilty plea covered not only the Twitter intrusion but a broader pattern of SIM-swap offences and cryptocurrency theft. O'Connor, known by the online alias "PlugwalkJoe," was extradited from Spain in 2023 after a lengthy arrest process and ultimately struck a plea deal with US prosecutors. His sentence included an order to forfeit $794,000 and pay restitution to victims, but the UK order goes further by targeting additional assets connected to the scheme that were within reach of British courts. The CPS also used the announcement to trumpet its wider proceeds-of-crime record, stating that over the past five years it has recovered nearly £478 million through confiscation and compensation orders, returning more than £95 million to victims. For O'Connor, the judgment means that even as he serves his US sentence, the profits of his high-profile crypto caper will continue to evaporate.