Man busted in Twitter hack of Biden, Obama, Musk in bitcoin scam

Rafael Henrique | LightRocket | Getty Images

A British man was arrested Wednesday in Spain in connection with the 2020 hack of Twitter accounts belonging to Apple, President Joe Biden, former President Barack Obama, Tesla chief Elon Musk, Warren Buffett, Microsoft founder Bill Gates and more than 100 others to swindle their followers out of bitcoin, the Justice Department said.

Joseph O’Connor was arrested in Estepona by Spanish National Police at the request of U.S. authorities, who now will seek his extradition, authorities said.

O”Connor, 22, is charged in a criminal complaint in California federal court with counts related to the illegal compromise of more than 130 Twitter accounts in the hack on July 15, 2020.

Three other people previously had been charged in connection with the hack, including a then-17-year-old in Florida who was the alleged “mastermind” of the attack. A prosecutor said last year that the scam netted more than $100,000 worth of bitcoin.

O’Connor is also accused of cyberstalking a juvenile victim and computer intrusions of TikTok and Snapchat user accounts.

The Twitter account victims included Amazon founder Jeff Bezos, reality television superstar Kim Kardashian, former New York Mayor Mike Bloomberg, musicians Kanye West and Wiz Khalifa, the Cash App corporate account, and Uber‘s corporate account. The bitcoin-related tweet was Apple’s first-ever tweet, although the account had placed ads in the past. 

During the hacks, messages that said “I am giving back to my community” or some variation were posted by the accounts.

The message urged followers of the accounts to send bitcoin to an address, saying the followers then would be repaid double the amount they had sent.

Rachel Tobac, CEO of cybersecurity firm SocialProof Security, told NBC News at the time that the attack was likely the largest Twitter had ever seen.

“We are lucky the attackers are going after bitcoin (money motivated) and not motivated by chaos and destruction,” Tobac said.

Twitter last year said, “The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack.”

CNBC Politics

Read more of CNBC’s politics coverage:

“A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools,” Twitter said.

“Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes.”

Authorities said O’Connor is charged with three counts of conspiracy to intentionally access a computer without authorization and obtaining information from a protected computer; two counts of intentionally accessing a computer without authorization and obtaining information from a protected computer; and one count of conspiracy to intentionally access a computer without authorization and with the intent to extort from a person a thing of value, transmitting a communication containing a threat.

He also is charged with one count of making extortive communications; one count of making threatening communications; and two counts of cyberstalking.