US indicts UK resident 'PlugwalkJoe' for cryptocurrency theft

The UK national is accused of stealing $784,000 in cryptocurrency.
Written by Charlie Osborne, Contributing Writer

US prosecutors have indicted a UK national for allegedly conducting a SIM-swapping scheme resulting in cryptocurrency theft.

On Wednesday, the US Department of Justice (DoJ) named Joseph O'Connor, also known as "PlugwalkJoe," as the subject of the indictment. Prosecutors claim that O'Connor and his co-conspirators plotted to steal $784,000 in cryptocurrency from an unnamed crypto exchange based in Manhatten. 

At the time, the firm "provided wallet infrastructure and related software to cryptocurrency exchanges around the world," the DoJ says. 

According to the indictment (.PDF), O'Connor conducted SIM-swapping attacks to target the company's executives. 

SIM-swapping uses social engineering techniques -- including the impersonation of an intended victim or, in some cases, hiring internal help -- to have a phone number transferred to a handset controlled by an attacker. 

In this often short window, the victim can no longer receive calls or texts. Instead, calls and messages are rerouted to another device outside of their control. 

Cybercriminals can then grab two-factor authentication (2FA) codes and account details, granting them access to financial services and cryptocurrency wallets linked to the compromised phone number. 

US law enforcement says that between roughly March and May in 2019, O'Connor and others involved in the scheme used SIM-swaps to target at least three company employees. 

One particularly successful attempt granted the cyberattackers access to numerous company accounts and systems, including corporate G-Suite services. 

"Within hours of this SIM-swap attack, O'Connor and his co-conspirators leveraged control of Executive 1's phone number to obtain unauthorized access to Company 1's accounts and computer systems," the indictment reads. 

The group then allegedly plundered wallets owned by two of the firm's clients, leading to the theft of 770.784869 Bitcoin Cash (BCH), 6,363.490509 Litecoin (LTC), 407.396074 Ethereum (ETH), and 7.456728 Bitcoin (BTC). 

The 22-year-old was arrested in Spain, and the US government is currently seeking extradition. 

O'Connor is being charged with conspiracy to commit computer intrusions, wire fraud, aggravated identity theft, and conspiracy to commit money laundering. If found guilty of all charges, the UK resident could face decades behind bars. 

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards