The U.S. Department of Justice today announced charges against nine individuals, 6 of which are members of a hacking group called “The Community” and other 3 are former employees of mobile phone providers who allegedly helped them steal roughly $2.5 million worth of the cryptocurrency using a method known as “SIM Swapping.”
According to the 15-count indictment unsealed today, five Americans and an Irishman related to The Community hacking group are charged with conspiracy to commit wire fraud, as well as wire fraud and aggravated identity theft.
Another three Americans, who reportedly are the former employees of mobile phone providers, are charged in a criminal complaint with the wire fraud.
SIM Swapping, or SIM Hijacking, is a type of identity theft that typically involves fraudulently porting of the same number to a new SIM card belonging to the attacker.
In SIM swapping, attackers social engineer a victim’s mobile phone provider by convincing it that they are the actual owner of the phone number they want to swap by providing required personal information on the target, eventually tricking the telecoms to port the target’s phone number over to a SIM card belonging to the attackers.
The defendants executed the attacks successfully—thanks to the three charged former mobile phone service provider employees who reportedly helped “The Community” to “steal the identities of subscribers to their employers’ services in exchange for bribes.”
Here’s the list of defendants charged in the indictment:
- Conor Freeman, 20, of Dublin, Ireland
- Ricky Handschumacher, 25 of Pasco County, Florida
- Colton Jurisic, 20 of, Dubuque, Iowa
- Reyad Gafar Abbas, 19, of Rochester, New York
- Garrett Endicott, 21, of Warrensburg, Missouri
- Ryan Stevenson, 26, of West Haven, Connecticut
- Jarratt White, 22 of Tucson, Arizona (former mobile phone provider employee)
- Robert Jack, 22 of Tucson, Arizona (former mobile phone provider employee)
- Fendley Joseph, 28, of Murrietta, California (former mobile phone provider employee)
On successful SIM swapping, ‘The Community’ attackers used their victims’ phone numbers to reset passwords and gain access to their online accounts—including email, cloud storage, and cryptocurrency exchange accounts and wallets—using verification codes and two-factor authentication codes received on those numbers.
images from Hacker News