Suspect in 2020 Twitter celebrity hack arrested in Spain

The hackers hijacked celebrity accounts and asked followers to send bitcoin to an account, promising to double their money. PHOTO: REUTERS

WASHINGTON (AFP) - A British national charged in last year's hack of Twitter accounts of celebrities and politicians has been arrested in Spain, US officials said on Wednesday (July 21).

The Justice Department said Spanish National Police arrested 22-year-old Joseph O'Connor on a warrant issued by a US federal court stemming from the high-profile hack linked to a crytpocurrency scheme.

O'Connor faces multiple charges in connection with the July 2020 hack of over 130 Twitter accounts, including those of Apple, Uber, Kanye West, Bill Gates, Joe Biden, Barack Obama and Elon Musk.

The hackers hijacked the celebrity accounts and asked followers of them to send bitcoin to an account, promising to double their money.

The Justice Department said O'Connor faces charges related to unauthorised computer access, extortion and cyber stalking.

Earlier this year, the Florida teenager accused of masterminding the attack was sentenced to three years in juvenile prison in a plea agreement.

Graham Ivan Clark, 18, described as the mastermind of the July 2020 "Bit-Con" worldwide hack, was sentenced to the maximum allowed under Florida's Youthful Offender Act.

Clark was 17 when he was charged, and his case was transferred to a Florida state court because of his juvenile status.

According to the authorities, Clark used his access to Twitter's internal systems to take over the accounts of several companies and celebrities and used a combination of "technical breaches and social engineering", netting some US$100,000 (S$136,000).

A tweet that appeared on Tesla founder Musk's Twitter feed said: "Happy Wednesday! I am giving back Bitcoin to all of my followers. I am doubling all payments sent to the Bitcoin address below. You send 0.1 BTC, I send 0.2 BTC back!"

It added that the offer was "only going on for 30 minutes".

Twitter said at the time that the July 15 incident stemmed from a "spear phishing" attack which deceived employees about the origin of the messages.

The hack affected at least 130 accounts, including that of Mr Biden while he was a candidate for president.

Join ST's Telegram channel and get the latest breaking news delivered to you.