Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Alleged Twitter Hacker Charged With Theft of $784K in Crypto via SIM Swaps

Alleged Twitter Hacker Charged With Theft of $784K in Crypto via SIM Swaps

The US Department of Justice has indicted a suspected Twitter hacker known as ‘PlugWalkJoe’ for also stealing $784,000 worth of cryptocurrency using SIM swap attacks.

SIM swap attacks are when threat actors take control of targets’ phone numbers by porting them to their own device’s SIM card. These attacks are commonly made by performing social engineering and pretending to be the target, hacking into mobile carriers’ systems, or bribing employees.

Once they perform the SIM swap, the attackers will receive victims’ messages and calls which allows bypassing SMS-based multi-factor authentication (MFA), stealing user credentials, as well taking over the victims’ online service accounts.

Also Read: What Does Resolution Of Data Really Means

In the indictment unsealed today in the Southern District of New York, the DOJ claims that Joseph O’Connor, a/k/a “PlugwalkJoe,” and co-conspirators used SIM swaps to gain access to accounts for a Manhattan-based cryptocurrency company.

Using this access, the alleged hackers stole $784,000 Bitcoin Cash, Litecoin, Ethereum, and Bitcoin from wallets managed by the company on behalf of clients.

“Between approximately March 2019 and May 2019, JOSEPH JAMES O’CONNOR, a/k/a “PlugwalkJoe,” the defendant, and his co-conspirators perpetrated a scheme to use SIM swaps to conduct cyber intrusions in order to steal approximately $784,000 worth of cryptocurrency from a Manhattan-based cryptocurrency company (“Company-1”), which, at all relevant times, provided wallet infrastructure and related software to cryptocurrency exchanges around the world, ” reads the unsealed indictment.

The stolen cryptocurrency includes 770.784869 Bitcoin cash, approximately 6,363.490509 Litecoin, approximately 407.396074 Ethereum, and about 7.456728 Bitcoin. 

Also Read: Top 10 Data Protection Cases That You Must Know About

The suspect is charged under this new indictment with conspiracy to commit computer hacking, conspiracy to commit wire fraud, aggravated identity theft, conspiracy to commit money laundering, 

O’Connor was previously indicted for his alleged involvement in a massive July 2020 Twitter hack that allowed threat actors to hijack accounts and promote cryptocurrency scams that stole over $120,000 worth of Bitcoin.

Barack Obama's account hijacked to promote crypto scams
Barack Obama’s account hijacked to promote crypto scams

Some of the 130 high-profile accounts used in the attack included politicians, celebrities, tech executives (@JeffBezos, @BarackObama, @elon_musk, @kanyewest, @JoeBiden, @BillGates, and @WarrenBuffet) and companies (@Apple, @Uber, @coinbase, @Gemini, @binance).

The US government is pursuing the extradition of O’Connor, who is currently in custody in Spain.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us