Explore how Twitter hacker Joseph O'Connor orchestrated cryptocurrency scams, stealing $794,000 in Bitcoin. Find out how law enforcement recovered £4 million, review essential blockchain security takeaways, and learn how to safeguard against fraud on Gate and other crypto platforms.
Initial Value and Asset Escalation
When the cryptocurrencies were first stolen, their value was around $794,000. Since then, their valuation has risen dramatically, resulting in a much larger amount for restitution. This increase underscores the volatility and appreciation potential of digital assets—especially Bitcoin and Ethereum—which have seen substantial price gains in recent years.
The British hacker behind one of Twitter’s most notorious security breaches has been ordered to forfeit more than £4 million ($5 million) in cryptocurrency after the value of his stolen assets soared during his prison sentence. This case shows how rising crypto prices can significantly amplify the financial consequences for cybercriminals.
Joseph James O'Connor, age 26, was sentenced in the US in 2023 for masterminding the July 2020 Twitter hack that compromised accounts belonging to global figures such as Barack Obama, Joe Biden, Elon Musk, Jeff Bezos, Kim Kardashian, and other world leaders, tech executives, and major brands. The scale of the attack exposed serious vulnerabilities in social media platforms and highlighted the urgent need for stronger security protocols.
By gaining access to Twitter’s internal admin tools, O'Connor and his associates took control of over 130 accounts and posted tweets urging followers to send Bitcoin with promises of doubling their money. This social engineering ploy exploited the trust millions placed in these verified public figures.
Prosecutors reported that the group collected more than $794,000 through the scam—a significant sum that now pales compared to the assets’ current value.
Recently, the UK Crown Prosecution Service announced it had secured a civil recovery order for 42.378 BTC, 235,329 ETH, 143,273.57 BUSD, and 15.23 USDC linked to O'Connor, now valued at about £4.1 million. This cross-border legal action highlights increasing international collaboration in prosecuting crypto-related crimes.
The assets, worth only a fraction of today’s value at the time of the hack, will be liquidated by a court-appointed trustee. O'Connor, currently living in Spain, did not attend the London hearing, but his mother confirmed he was willing to give up any remaining interest in the funds. This willingness streamlined the legal process and allowed authorities to recover the assets without further complications.
O'Connor pleaded guilty in the US to a range of offenses, including computer intrusion conspiracy, wire fraud conspiracy, money laundering conspiracy, extortion, threatening communications, and harassment of a 16-year-old victim. The breadth of these charges reveals a pattern of criminal conduct extending well beyond the Twitter hack.
He was extradited from Spain, sentenced to five years in prison, and subsequently deported earlier this year. The international extradition process underscored the seriousness with which law enforcement treats high-profile cybercrime.
During extradition, the CPS obtained a Property Freezing Order to prevent the transfer of cryptocurrencies—a crucial step to ensure the assets remained available for recovery once legal proceedings concluded.
Adrian Foster, Chief Crown Prosecutor for the CPS Proceeds of Crime Division, emphasized that authorities will pursue criminal profits even when convictions occur overseas. “We leveraged every available power to ensure that even if someone is not convicted in the UK, we can still guarantee they do not profit from their criminal activity,” he said.
Bitcoin’s rally has dramatically increased the value of O'Connor’s stolen holdings. With prices now near $92,800—almost ten times higher than mid-2020—the remaining assets have ballooned to over £4.1 million, according to prosecutors. This exponential rise illustrates both the potential rewards and the risks inherent in cryptocurrency investing.
The Twitter breach stands as one of the largest social media security failures ever. X, formerly Twitter, temporarily locked verified accounts while the scam affected more than 350 million users. The incident prompted a thorough review of platform security protocols and led to major improvements in authentication and access controls.
Investigators later found that two unwitting British associates opened crypto accounts used by O'Connor, but were not involved in the fraud. This underscores how cybercriminals can exploit innocent third parties in their operations.
This case comes amid growing concern over crypto-related cybercrime, with governments worldwide reporting a rapid rise in sophisticated digital extortion schemes. Authorities are continually developing new tactics and technologies to counter these emerging threats.
Law enforcement agencies have also reported a sharp rise in crypto laundering. According to Global Ledger data cited in filings, hackers stole more than $3 billion in 119 incidents during just the first eight months of 2025—already 1.5 times the total for 2024. This troubling trend highlights the urgent need for stricter security measures across the crypto sector.
International enforcement continues: in November, the US Department of Justice moved to seize over $15 million in USDT tied to North Korea’s APT38 hacking group, linked to a series of major exchange breaches in 2023. These cases confirm that state actors are also involved in crypto cybercrime.
Europol also broke up a cybercrime syndicate responsible for creating more than 49 million fake online accounts, including fraudulent crypto profiles, using large-scale SIM farm infrastructure. This operation revealed the industrial scale of modern crypto fraud.
Despite the surge in global investigations, recent data show the sector is seeing short-term improvements in security. October 2025 was the safest month of the year for crypto platforms, with just $18.18 million lost to hacks—an 85% drop from September. This positive trend suggests that enhanced security measures are starting to make a measurable difference in reducing losses from cyberattacks.
FAQ
What was the Musk and Obama Bitcoin scam, and how did hackers pull it off?
Hackers used social engineering to compromise Twitter employees and gain access to verified accounts of high-profile figures. They posted fraudulent offers promising to double Bitcoin sent to wallets they controlled. The scheme generated at least $112,000 in cryptocurrency before Twitter locked the accounts and deleted the malicious tweets.
What is the total amount of cryptocurrency stolen, and what is the current status of these funds?
The stolen cryptocurrency totaled $1.38 billion in the first half of 2024—double the previous year. The funds remain active and dispersed across multiple blockchain addresses.
Why is the hacker facing a $5 million fine, and what is the legal basis for it?
The hacker faces a $5 million fine for financial fraud through data theft, violating PCI DSS standards and data protection laws. The penalty is for cybercrimes and the resulting economic damage.
How many victims were there in this scam, and how much did they lose?
Exact numbers of victims and total funds lost have not been publicly disclosed. Official confirmation is required to provide accurate figures.
If the price of the stolen Bitcoin rises, does the hacker profit? How do authorities track and freeze these funds?
Yes, the hacker could profit if prices rise, but authorities track blockchain transactions and freeze funds. Platforms like Bybit offer bounty programs that reward participants for helping identify and freeze stolen assets, distributing 10% of recovered funds to contributors.
How can I spot and avoid celebrity impersonation Bitcoin scams?
Always verify official celebrity accounts, avoid clicking on unverified links, be wary of promises of outsized returns, never share private keys, and report fraudulent accounts immediately to the authorities.
What lessons does this case offer for crypto security and exchange regulation?
This case underscores the critical need for comprehensive crypto security. Exchanges should implement stricter regulations, stronger asset protection protocols, and ongoing technical audits. Robust technological safeguards, a solid legal framework, and vigilant oversight are essential to prevent fraud and safeguard user funds across the crypto ecosystem.
* The information is not intended to be and does not constitute financial advice or any other recommendation of any sort offered or endorsed by Gate.
