The latest report revealed that PlugwalkJoe, a SIM swap cyberpunk who stole about $794 thousand in crypto from an exchange and was caught in 2019, has been sentenced to five years imprisonment by the court.

According to the report, Joseph O’Connor, a British hacker popularly known as PlugwalkJoe, hacked into the phone of an undisclosed executive of an exchange through a SIM swap method in 2019. Afterward, he reportedly stole about $794,000 in crypto from the exchange.

Fortunately, the hacker couldn’t clean his tracks after the exploit. Hence, cybersecurity experts traced and nabbed him. He recently appeared before a court where he was sentenced to five-year imprisonment, according to the report.

The report revealed that PlugwalkJoe was first arrested in July 2021 in Spain; however, he was legally deported to the United States in April of this year. The prosecutors accused him of plotting to perpetrate money laundering, wire fraud, computer intrusions, etc. He reportedly pleaded guilty to the charges, according to reports.

However, on June 23, the United States Attorney’s Department of New York’s Southern District sentenced the hacker to a five years jail term. In addition to the jail term, O’Connor would be released on probation for three years. He was also ordered to pay a fine of $794,012.64 in the forfeiture of his loot.

O’Connor And His Team SIM Swapped Their Victim

Since the attack occurred, the executive the hacker exploited has not been revealed. However, the report showed that when PlugwalkJoe swapped his SIM, he unlawfully gained access to private data, accounts, and the computing systems which belonged to the exchange where the victim was working.

Furthermore, the hacker and his team reportedly stole and fraudulently diverted his crypto loot after gaining access to the accounts. Afterward, they laundered it via numerous transactions, swapping some to BTC via crypto-swapping exchanges. However, the hacker exposed himself when a portion of the stolen asset was transferred to a crypto exchange address controlled by Joseph O’Connor.

In his lawsuit document, the court also stated that he was responsible for a Twitter attack in July 2020. According to reports, he and his team looted about $120,000 in crypto then.

According to the report, the hackers launched a string of social media engineering techniques in which SIM swapped about 130 prominent Twitter users and two massive Snapchat and Tiktok accounts. Hence, these accounts were under their control.

After gaining access to these accounts, the conspirators can use the hacked account to defraud others. Or they can also sell the ceased accounts to others, according to the report.

As part of his strategies, PlugwalkJoe reportedly threatened the owner of the Snapchat account to do his bidding, or he would release private content and chats of his victim to the internet. In another instance, he used the hacked accounts to promote his account.

Furthermore, the perpetrator was also found guilty of stalking and threatening a victim as he created a string of swatting attacks on him by making a false emergency complaint to the law enforcers.

SIM Swap Technique Continues To Thrive Amongst Hackers

For context, a SIM swap hack occurs when a perpetrator takes control of a victim’s mobile phone number by attaching it to another sim they control. Furthermore, this act gives them the liberty to redirect the victim’s messages and calls to another device that they hold.

Ultimately, this strategy allows them to access any account which the victim used the hacked sim to open or used as his two-factor authentication. Generally, they target accounts with many followers and use the technique on them.

Afterward, they use the influence of the owner of the hacked account to lure more people into clicking on phishing links that they would paste on the account. And once people click the link, their crypto assets will be gone. Even though O’Connor’s case occurred about three years ago, fraudsters are still using SIM swapping techniques to dupe a lot of people.

For instance, a hacker group reportedly SIM swapped about eight accounts of famous figures in the crypto space, some of which are Steve Aoki (a DJ and NFT collector), Cole Vilemain (founder of Pudgy Penguins), and others. According to the report, the hackers stole about $1 million in crypto through the phishing links pasted on the hacked accounts.