UK SIM-Swapper Behind Musk and Obama X Hack Ordered to Repay ~$5.4M After Crypto Gains
Joseph James O’Connor must return £4.1M (~$5.4M) after the 2020 celebrity X hack, as stolen BTC, ETH, and BUSD appreciated far beyond the original $794K haul.

Because Bitcoin
November 17, 2025
Restitution priced in crypto creates a uniquely compounding penalty. Joseph James O’Connor, the British national behind the 2020 SIM-swap takeover of high-profile X (Twitter) accounts, has been hit with a UK civil recovery order worth £4.1 million—about $5.4 million at current prices. The twist: the original loot was valued at roughly $794,000 when stolen. Volatility turned time into a multiplier.
Here are the core facts. In 2020, O’Connor and accomplices hijacked dozens of celebrity and brand accounts—including those of former U.S. President Barack Obama and Tesla CEO Elon Musk—via SIM swapping. Using the credibility of those profiles, they pushed a classic “send a little, get more back” crypto pitch. The pot included:
- Around 42 BTC
- About 235 ETH
- Roughly 143,000 BUSD (a now-depreciated dollar-pegged stablecoin)
O’Connor pleaded guilty in 2023 and received a five-year sentence from a judge in the Southern District of New York. He was ordered to forfeit $794,012.64 at that time. Separately, the UK’s Crown Prosecution Service has now secured civil recovery of the appreciated crypto, citing powers that allow action even without a UK conviction. CPS official Adrian Foster said O’Connor exploited well-known accounts to defraud people and emphasized that prosecutors can strip the proceeds so offenders do not benefit.
The single most interesting element here is the “mark-to-market justice” effect. In traditional financial crime, restitution is often tethered to fiat sums that don’t swing dramatically. With crypto, the same coins can multiply in value while cases move through courts. That creates a few second-order effects:
- Deterrence: Knowing that stolen coins can grow into a larger liability may discourage some opportunists. The risk isn’t capped; it floats with the market.
- Recovery dynamics: Prosecutors and asset recovery teams have an incentive to trace and freeze coins early, but holding them introduces price risk. Convert too soon and you risk under-recovery; wait too long and you may either recoup far more—or far less.
- Victim outcomes: Victims suffered a loss measured at the 2020 price tag, yet restitution now reflects a much higher mark. That may exceed individual losses but still maps to the principle that criminals shouldn’t keep appreciation on ill-gotten assets. It feels fair to many, though it rarely aligns perfectly with who gets what back.
- Platform accountability: Social networks benefited from celebrity trust while bearing uneven security tradeoffs. SIM swaps remain a telecom weakness that cascades into platform breaches. Stronger default controls—FIDO2 security keys, no-SMS recovery, rate-limited admin tools—would blunt this attack class.
The incident sits within a broader cycle of social-account exploits monetized via crypto. Attackers have shifted from “BTC doubling” scripts to meme-coin pumps that weaponize reach and FOMO. Earlier this year, a compromised Instagram account promoted a fake UFC-themed token on Solana, netting about $1.4 million. Last year, a malicious takeover of McDonald’s Instagram pushed a bogus “Grimace” token and pulled in around $700,000. Many brands and celebrities have been dragged into similar pump-and-dump schemes after account hijacks.
Zooming out, blockchain analytics firm Chainalysis estimated that more than $2.1 billion was stolen from crypto users through crimes in the first half of 2025, with a rising share coming from personal wallet compromises. That tracks with what we see daily: social engineering, identity takeover, and mobile carrier weak links are regularly more profitable than protocol exploits.
What matters from here is posture, not platitudes. Carriers need SIM-swap hardening by default; platforms should make phishing-resistant keys the norm for verified and high-reach accounts; users should treat any “send crypto, get more back” message—no matter the face on it—as a dead giveaway. Markets will continue to reprice restitution orders up or down. The smarter play is closing the human identity gap so there’s nothing to reprice.