It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously.
Starting with the country’s first-ever conviction for ‘SIM Swapping’ this February, U.S. Department of Justice has since then announced charges against several individuals for involving in the scheme to siphon millions of dollars in cryptocurrency from victims.
In the latest incident, the U.S. authorities on Thursday arrested two more alleged cybercriminals from Massachusetts, charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping between November 2015 and May 2018.
SIM Swapping, or SIM hijacking, is a technique that typically involves the social engineering of a target’s mobile phone provider.
An attacker makes a phony call posing as their targets and convinces the mobile phone provider to port the target’s phone number to a SIM card belonging to the attacker.
Once successful, the attacker can then obtain one-time passwords, verification codes, and two-factor authentication received on the target’s phone in order to reset passwords for and gain access to target’s social media, email, bank, and cryptocurrency accounts.
Hackers Also Targeted Executives of Cryptocurrency Companies
According to the indictment, the two defendants — Eric Meiggs (20) and Declan Harrington (21) — not just only targeted users with high-value cryptocurrency accounts, but also targeted executives of cryptocurrency companies in an attempt to make a significant profit.
Besides this, the two defendants have also been charged for taking over social media accounts of their victims, including two who “had high value or ‘O.G.’ (slang for ‘Original Gangster’) social media account names.”
images from Hacker News