Authorities in the US charged nine individuals last week with aggravated identity theft and wire fraud. The fraudsters were using SIM swaps to steals cryptocurrencies from the victims.
SIM swap fraudsters finally charge
SIM-jacking is a method of hacking into a user’s mobile SIM and using important information thereof to steal digital currencies. For instance, hackers can steal passwords of cryptocurrency accounts and then hack the SIM to get OTPs or other crucial info to log into that account securely and steal coins.
The nine individuals who were recently charged by the US authorities were part of a similar group called “The Community.” Of these, one is Irish, and others are American, all aged between 19 and 28 years. They defrauded users in Arizona, Connecticut, Iowa, California, Florida, New York, and Missouri.
During their investigations, the officers found that three defendants were formerly employed with mobile phone providers. This helped them gain control of the personal data of the subscribers of their respective companies. They used Telegram and Discord chats to carry their operations. The criminal complaint suggests that they even planned to steal from the Winklevoss twins. It isn’t likely that they followed through with the plan or if they were serious about it.
Crypto users are prone to SIM hijacking
According to court documents, the scammers first received personal information on their victims and their bribed or impersonated as cellular service company employees to activate a new SIM card with their victim’s information. They used this to get access to the user’s cryptocurrency wallets and steal money from them.
Interestingly, the first evidence of the SIM-hijacking group was unearthed when a Michigan woman overheard her son pretending to be an AT&T employee. She immediately called investigators whole then found files with a list of names and phone numbers. They also got some cell phones and SIM cards. The defendants used SIM cards to gain access to their crypto accounts, reset passwords and even request two-factor authentication codes, easily bypassing all security measures. The law enforcement agencies have been working on extraditing a 20-year-old man from Dublin who stole about $2.5 million in cryptocurrencies.
The issue was highlighted previously by Florida-based law firm Silver Miller. The company sued AT&T and T-Mobile on behalf of its client who suggested that the lack of security at AT&T allowed hackers to infiltrate his accounts. They stole digital currency worth about $620,000.