SIM Swapper Ordered to Repay $5.4M in Stolen Crypto

Joseph James O’Connor’s criminal enterprise centered around a sophisticated SIM swapping technique that allowed him to bypass security measures and take control of prominent social media accounts. The 2020 scheme specifically targeted accounts belonging to former President Barack Obama, Tesla CEO Elon Musk, and numerous other celebrities and major brands. This method of digital identity theft proved particularly effective for orchestrating cryptocurrency scams on a massive scale.

According to court documents, O’Connor utilized the compromised accounts to promote fraudulent cryptocurrency schemes that tricked unsuspecting users into sending digital assets. The scams typically involved convincing victims to send a small amount of Bitcoin to a specified address with promises of receiving more in return. The high-profile nature of the hijacked accounts lent credibility to these schemes, enabling O’Connor to accumulate significant cryptocurrency holdings through deception.

Chief Crown Prosecutor for the Proceeds of Crime Division Adrian Foster emphasized the calculated nature of O’Connor’s crimes, stating: “Joseph James O’Connor targeted well-known individuals and used their accounts to scam people out of their crypto assets and money.” The case demonstrates how social media platform vulnerabilities can be exploited for financial gain through increasingly sophisticated methods.

The original theft involved 42 Bitcoin, 235 Ethereum, and stablecoins valued at $794,000 at the time of the crimes. However, the substantial appreciation of cryptocurrencies, particularly Bitcoin and Ethereum, has dramatically increased the value of these stolen assets. The UK’s Crown Prosecution Service has now obtained a civil recovery order requiring O’Connor to repay approximately $5.4 million, representing the current market value of the digital currencies.

This significant valuation increase highlights one of the unique challenges in prosecuting cryptocurrency crimes. While traditional financial crimes typically involve static monetary values, digital asset thefts can appreciate substantially between the time of the crime and eventual prosecution. The CPS’s civil recovery order specifically pertains to around 235 Ethereum, 42 BTC, and 143,000 BUSD, Binance’s now-depreciated dollar-backed stablecoin.

The £4.1 million Bitcoin recovery order, equivalent to approximately $5.4 million, underscores how cryptocurrency volatility can substantially impact financial restitution in criminal cases. This aspect of the ruling sets an important precedent for how authorities handle the recovery of appreciating digital assets in future cryptocurrency-related prosecutions.

O’Connor’s legal journey spanned multiple jurisdictions, with the hacker pleading guilty in 2023 and receiving a five-year prison sentence from a judge in the Southern District of New York. Initially ordered to pay $794,012.64 in forfeiture at the time of his US conviction, O’Connor now faces additional financial consequences through the UK’s civil recovery proceedings.

The Crown Prosecution Service’s ability to pursue civil recovery despite O’Connor’s conviction in US courts demonstrates the increasing international cooperation in combating cryptocurrency crimes. Prosecutor Foster highlighted this coordinated approach, noting: “We were able to use the full force of the powers available to us to ensure that even when someone is not convicted in the UK, we are still able to ensure they do not benefit from their criminality.”

This cross-border legal action reflects growing recognition among law enforcement agencies worldwide that cryptocurrency crimes often transcend national boundaries and require coordinated international response strategies. The case establishes important legal precedents for recovering criminal proceeds across jurisdictions in the digital asset space.

O’Connor’s case represents just one instance in a growing trend of social media account takeovers being used to perpetrate cryptocurrency scams. Recent incidents have shown hackers increasingly targeting verified accounts to promote fraudulent meme coins and other digital asset schemes. Earlier this year, hackers promoted a fake UFC meme coin on the Solana blockchain after compromising an Instagram account, netting approximately $1.4 million in proceeds.

Similarly, a malicious takeover of McDonald’s Instagram account last year resulted in $700,000 for hackers promoting a fake Grimace token. Numerous celebrities and brands have experienced account hijackings used to execute pump-and-dump meme coin scams, indicating this method has become a preferred tactic among cryptocurrency criminals.

The scale of this problem is reflected in recent data from blockchain analytics firm Chainalysis, whose mid-year report indicated that more than $2.1 billion has been stolen from crypto users via crimes thus far in 2025. The report notes that personal wallet compromises represent a growing share of these losses, highlighting the ongoing security challenges facing cryptocurrency holders and the need for enhanced protective measures across social media and digital asset platforms.