The fight against the ‘SIM swapping’ is becoming one of the priorities for the U.S. law enforcement officials. In an interview to KrebsonSecurity, Samy Tarazi, the head of REACT anti-cybercrime task force, said that the number of fraud cases committed this way had increased dramatically.
“If someone gets robbed of $100,000 that’s a huge case, but we’re now dealing with someone who buys a 99 cent SIM card off eBay, plugs it into a cheap burner phone, makes a call and steals millions of dollars,” said Tarazi.
‘SIM swapping’ is a scam in which a cellular provider is mislead to transfer the control over a victim’s phone number to the attacker's SIM card. Once the number is in the hands of the hacker, he uses it to reset the victim's password and crack his accounts, including mail and access to cryptocurrency exchanges.
Sometimes this method even allows thieves to bypass two-factor authentication. Replacing SIM cards is, therefore, a relatively simple way of fraud, which is becoming increasingly more popular among criminals.
There have already been several high-profile cases of crypto fraud committed this way. In the U.S. this summer, the police arrested a 25-year-old Florida resident who, with the help of illegally obtained SIM-cards, stole hundreds of thousands of dollars in virtual money.
Joseph Handschumacher was charged with theft on a particularly large scale and money laundering. In this case, the attacker was part of a group that substituted SIM-cards all over the country. The largest amount that criminals received was worth $470,000 at the exchange rate at the time, which was divided between nine gang members.
The scheme was revealed when the mother of one of the robbers overheard a telephone conversation in which the son presented himself as an employee of AT&T. She called the police, and the police found a large number of mobile phones, SIM cards, and computer files in her son’s possession that contained a list of names and phone numbers of people all over the world.
In California, a college student from Boston was arrested and accused of participating in a criminal gang that cracked mobile phone numbers in order to steal cryptocurrency. An attacker named Joel Ortiz and his associates used the technique of taking SIM cards, too. With the help of telecommunications giant AT&T, investigators were able to get the mobile identifier numbers of mobile equipment (IMEI) phones used by the thief. Subsequently, detectives had access to email accounts associated with smartphones, where they obtained evidence of potential criminal activity. Police picked up the trail of another gang member when they found a mobile phone used by Joel Ortiz. A fraudster named Xzavyer Narvaez was also arrested.
There was another loud story related to the ‘SIM swapping’. American crypto investor, business angel, founder of the Bit Angels investment group Michael Turpin sued AT&T telecommunications conglomerate for negligence, which resulted in a loss of almost $24 million in cryptocurrency. He claimed that AT&T was not able to enforce its own security rules in the process of ‘SIM swapping’.
In his complaint, Turpin claimed that in seven months he had fallen victim to two AT&T security system hacks that had to do with replacing the SIM card. In his opinion, the company was aware of the vulnerability, and its employees cooperate with hackers. He explained that after the first hack, AT&T took additional measures of protection, but they proved insufficient. The phone number was compromised by a hacker collaborator. Using the number, the attacker was able to gain access to online wallets and steal almost $24 million in cryptocurrency.
The ‘SIM swapping’ is now becoming even more profitable for criminals who want to make money off cryptocurrency. Therefore, it is not surprising that the REACT group based in Santa Barbara is actively trying to control the criminal situation around this fraudulent method.
Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.