Florida police arrested an alleged "SIM-jacking" ring last month with court documents claiming that the fraudsters involved stole other individuals' SIM cards and used them to collect a small fortune.
Fraudulent procurement of a victim-specific SIM card, a small smart card that associates a mobile device with the account of a particular subscriber, allows an attacker to remotely gain control of the victim's phone number. This is a big problem as there are so many important services of crypto currency exchanges to Amazon that allow users to restore or change account confirmations by using an associated number.
According to court-appointed investigator Brian Krebs, investigators in Canton, Michigan first learned of the alleged plan when a mother heard her son claiming to be an AT & T employee on the phone. Research on his computer revealed databases of AT & T and T-Mobile customers' names and phone numbers, and eventually found that he had a large number of SIM cards with victims in at least seven states, some of whom said they were tens of thousands or even hundreds of thousands of cryptocurrency have been stolen
This suspect, referred to in court documents as CS1, eventually led the investigators to an alleged SIM jacking ring based on the chat services Discord and Telegram. According to the court documents, the group worked by obtaining personal information about the victims and then either bribing mobile service workers or posing as a "new SIM card with the victim's information". From there, it was easy to compromise the victim's life (19659004) "Once the funds were in wallets controlled by the group, the funds of the victims were split and distributed into each fraudster's wallet," it says the complaint. "The group would launder the money by using online crypto currency exchanges to exchange one cryptocurrency (ie: Bitcoin) for another (ie Monero)."
The fraudsters would then allegedly transfer the cryptocurrency to another wallet before rinsing it in again another cryptocurrency and sending it to a clean wallet that seemed legitimate.
According to the court documents, investigators at the Pasco Sheriff 's Office in Florida arrested a man named Ricky Handschumacher, who bragged about the proceeds of the fraud, buying vehicles on the Discord server and confirming his identity from Coinbase records.
"Handschumacher confessed his involvement in the Criminal Investigation Department of Miranda and admitted to using his mobile phone to purge cryptocurrency in quantities of more than $ 100,000," concludes the complaint  Krebs wrote that the court documents imply that the It's not clear how serious they were:
The Pasco County Sheriff's office says their monitoring of the Discord server has revealed that the group routinely staff mobile operators paid in their attacks and even discussed a plan for hacking accounts belongs to the CEO of the cryptocurrency exchange Gemini Trust Company. The complaint does not mention the CEO by name, but the current CEO is Bitcoin billionaire Tyler Winklevoss, who co-founded the exchange with his twin brother Cameron.
According to motherboard, SIM Jacking is becoming an increasingly common scam, A popular destination are rare or interesting handles on Instagram or other social media sites:
In the bustling underground market for stolen social media and gaming handles, one can short, unique username between $ 500 and $ 5,000 are on the market and a review of deals on a popular marketplace. Several hackers on the market said the Instagram account @t was recently sold for about $ 40,000 bitcoins.
Controlling a phone number allows an attacker to bypass most security measures, including two-factor authentication.
"Most systems are not designed to deal with attackers who take over phone numbers, which is very, very bad," wrote Roel Schouwenberg, news and research director at Celsus Advisory Group, in a blog post last year , "Our phone number has become almost irrevocable proof, never intended as such, just as social security numbers were never intended as credentials, and a phone number provides the kingdom's key to most services and accounts today."
Arrested in July The Californian police charged a college student that they accused them of being part of a SIM jacking ring that stole more than $ 5 million from more than 40 victims. According to the motherboard, the authorities struck 28 allegations against the suspect, 20-year-old Joel Ortiz, with sources saying he was arrested "on the way to Europe" at Los Angeles International Airport.
[Krebs on Security via The Verge]