By CCN: SIM hijacking has proven to be yet another lucrative way to steal crypto with millions of dollar now reported to have been stolen over the years with the amount that has gone unreported possibly eclipsing that.
The latest such case involves nine individuals who have now been charged by prosecutors from the US Attorney’s Office for the Eastern District of Michigan. Per the prosecutors, the nine either participated or aided in stealing crypto worth over $2.4 million.
Six of them face charges of wire fraud, conspiracy to commit wire fraud and aggravated identity theft. Three others on the charge sheet have been indicted for ‘wire fraud in relation to the conspiracy’.
AN AVERAGE OF OVER $0.3 MILLION WORTH OF CRYPTO STOLEN IN EACH ATTACK
According to the United States Attorney’s Office Eastern District of Michigan, this amount was stolen in seven attacks. This translates to an average haul of more than $345,000 for each attack.
In SIM hijacking, hackers remotely activate their victim’s mobile phone number on a SIM card that is in their possession. Typically, it requires the bad actors to connive with insiders. Six of the nine individuals belonged to a hacking group known as ‘The Community’. According to the Justice Department press release, SIM swapping by The Community hacking group was ‘often facilitated by bribing an employee of a mobile phone provider’.
In this particular case three of the nine individuals, Jarratt White, Robert Jack and Fendley Joseph, were employees of the cell phone service providers. The wireless carriers were not named.
Once ‘The Community’ had gained control of their victim’s SIM card, they used the number to access email and crypto exchange accounts.
IRISH CRYPTO SIM HIJACKER TO BE EXTRADITED
Five of the members of The Community hacking group, Ricky Handschumacher, Colton Jurisic, Reyad Gafar Abbas, Garrett Endicott and Ryan Stevenson are U.S. citizens while one, Conor Freeman is Irish. Already, the U.S. has sought the extradition of Freeman who was arrested last week.
Authorities in the US are seeking the extradition of a 20-year-old Dublin man in connection with an online identity theft scam which resulted in the theft of almost $2.5 million. @rtenews https://www.rte.ie/news/courts/2019/0510/1048622-online-scam/ …46:27 AM – May 10, 2019Twitter Ads info and privacyUS seeks extradition of man over $2.5m identity scamUS authorities are seeking the extradition of a 20-year-old Dublin man in connection with an online identity theft scam which resulted in the theft of over $2 million US dollars.rte.ieSee Brian O’Donovan’s other Tweets
According to The Journal, the first arrest of a member of The Community took place last year in May. This arrest helped authorities identify other members of the hacking group when they gained access to his devices.
FIREFIGHTER TURNS OUT TO BE THE ARSONIST
Interestingly, one of the members of the hacking group, Ryan Stevenson, has previously been hailed as an online security hero. Stevenson, who hails from Connecticut, was last year gifted $1,000 by the third largest mobile provider in the U.S., T-Mobile. This was after identifying a vulnerability on T-Mobile’s website which allowed anyone to access customer account PINs and home addresses.
The website flaw had to do with an unprotected API, which T-Mobile pulled offline a day after this bug was reported through its bug bounty program.
The researcher, Ryan Stevenson, received $1,000 for the find. https://apple.news/ABjFu0xsqSxaEJWD3YSbWmA …2:32 PM – May 24, 2018Twitter Ads info and privacyAn unsecured T-Mobile website made customer information available to anyoneA T-Mobile web domain left millions of customers’ account information — including their names, addresses, and sometimes tax identification numbers — unprotected for anyone to access. The website is…apple.newsSee #PAY Symposium’s other Tweets
However, this is not the first time he is in the spotlight for nefarious activities. In November last year, an investigative report by Krebs on Security, claimed Stevenson, who goes by ‘Phobia’ online, had, while collecting T-Mobile’s bug bounty, also been selling ‘doxing’ (searching for and publishing identifying information online) services for just about any carrier in the U.S.
Bug Bounty Hunter Ran ISP Doxing Service https://buff.ly/2PX30zr by BrianKrebs #aoler #hackforums #joelortiz #mathonan #microsoftxbox #ne‘er-do-wellnews #og #ogusers #phobia #phobias #ryan #ryanstevenson #simswap #t-mobile #wired4:17 PM – Nov 10, 2018Twitter Ads info and privacyBug Bounty Hunter Ran ISP Doxing Service – Security BoulevardA Connecticut man who’s earned “bug bounty” rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites secretly operated a service that…securityboulevard.comSee SecurityBoulevard’s other Tweets