Press enter to see results or esc to cancel.

$2.4 Million Crypto Thieves Bribed Carrier Employees in SIM Hijacking Heist

$2.4 Million Crypto Thieves Bribed Carrier Employees in SIM Hijacking Heist

SIM swap, SIM hijack, Crypto

The US Justice Dept has charged nine individuals in a SIM hijacking scheme involving $2.3 million in stolen crypto. | Source: Shutterstock

By CCN: SIM hijacking has proven to be yet another lucrative way to steal crypto with millions of dollar now reported to have been stolen over the years with the amount that has gone unreported possibly eclipsing that.

The latest such case involves nine individuals who have now been charged by prosecutors from the US Attorney’s Office for the Eastern District of Michigan. Per the prosecutors, the nine either participated or aided in stealing crypto worth over $2.4 million.

Six of them face charges of wire fraud, conspiracy to commit wire fraud and aggravated identity theft. Three others on the charge sheet have been indicted for ‘wire fraud in relation to the conspiracy’.

An Average of over $0.3 Million Worth of Crypto Stolen in Each Attack

According to the United States Attorney’s Office Eastern District of Michigan, this amount was stolen in seven attacks. This translates to an average haul of more than $345,000 for each attack.

In SIM hijacking, hackers remotely activate their victim’s mobile phone number on a SIM card that is in their possession. Typically, it requires the bad actors to connive with insiders. Six of the nine individuals belonged to a hacking group known as ‘The Community’. According to the Justice Department press release, SIM swapping by The Community hacking group was ‘often facilitated by bribing an employee of a mobile phone provider’.

In this particular case three of the nine individuals, Jarratt White, Robert Jack and Fendley Joseph, were employees of the cell phone service providers. The wireless carriers were not named.

Once ‘The Community’ had gained control of their victim’s SIM card, they used the number to access email and crypto exchange accounts.

Irish Crypto Sim Hijacker to Be Extradited

Five of the members of The Community hacking group, Ricky Handschumacher, Colton Jurisic, Reyad Gafar Abbas, Garrett Endicott and Ryan Stevenson are U.S. citizens while one, Conor Freeman is Irish. Already, the U.S. has sought the extradition of Freeman who was arrested last week.

Authorities in the US are seeking the extradition of a 20-year-old Dublin man in connection with an online identity theft scam which resulted in the theft of almost $2.5 million. @rtenews

— Brian O’Donovan (@BrianOD_News) May 10, 2019

According to The Journal, the first arrest of a member of The Community took place last year in May. This arrest helped authorities identify other members of the hacking group when they gained access to his devices.

Firefighter Turns out to Be the Arsonist

Interestingly, one of the members of the hacking group, Ryan Stevenson, has previously been hailed as an online security hero. Stevenson, who hails from Connecticut, was last year gifted $1,000 by the third largest mobile provider in the U.S., T-Mobile. This was after identifying a vulnerability on T-Mobile’s website which allowed anyone to access customer account PINs and home addresses.

The website flaw had to do with an unprotected API, which T-Mobile pulled offline a day after this bug was reported through its bug bounty program.

The researcher, Ryan Stevenson, received $1,000 for the find.

— #PAY Symposium (@PAY_Symposium) May 24, 2018

However, this is not the first time he is in the spotlight for nefarious activities. In November last year, an investigative report by Krebs on Security, claimed Stevenson, who goes by ‘Phobia’ online, had, while collecting T-Mobile’s bug bounty, also been selling ‘doxing’ (searching for and publishing identifying information online) services for just about any carrier in the U.S.

Bug Bounty Hunter Ran ISP Doxing Service by BrianKrebs #aoler #hackforums #joelortiz #mathonan #microsoftxbox #ne‘er-do-wellnews #og #ogusers #phobia #phobias #ryan #ryanstevenson #simswap #t-mobile #wired

— SecurityBoulevard (@securityblvd) November 10, 2018

About The Author

Mark Emem

After words, numbers are my other love… mostly when they are going up and they have nothing to do with taxes or expenses. That makes green my favorite color!

Read More