
Forget Cryptojacking: SIM-Swapping Theft of Crypto Is Easier and Bigger

Hackers have taken to stealing large caches of cryptocurrencies and other valuable assets from mobile phones using the latest technique of SIM swapping.

Mobile security developers have new challenges as Santa Clara law officers bust ‘SIM swapping’ phone fraud. Highly skilled hackers have taken to stealing large caches of cryptocurrencies and other valuable assets from mobile phones using the latest technique of “SIM swapping”, reports the advanced REACT Task Force, which investigates mobile fraud in the state of California. One recent victim lost as much as $100,000 after his mobile number was hijacked.

REACT Supervisor Samy Tarazi shared that the Santa Clara County Sheriff's office was instituted to handle cybercrimes, given that California is a tech cradle. Lately, the organization has focused on SIM swapping crimes, the officer said, since the number of reported incidents has consistently increased. The primary targets of such crimes are Californian businessmen either living in the region or running their businesses in this area.

SIM Swapping

Tarazi believes that these crimes are the handiwork of a handful of cybercriminals, “a few dozens at the most.”

The profile of such SIM swapping criminals is interesting as well. The average age is between 19 and 22 years, and their modus operandi is: “someone who buys a 99 cent SIM card off eBay, plugs it into a cheap burner phone, makes a call and steals millions of dollars. That’s pretty remarkable.” The value of such cryptocurrency robberies has sometimes exceeded $100,000, the law enforcement team shared. The victim, in this case, was Christian Ferri, the founder and president of BlockStar, a local cryptocurrency firm.

In early July 2018, criminals succeeded in breaking into the database of Ferri’s mobile service provider, T-Mobile, and deactivating the victim’s SIM card while he was traveling across Europe. Next, a new SIM card was activated for the same number on a device held by the hacker. This allowed them to complete a critical step: resetting the Gmail account password. Once they had access to the victim’s Google Drive, they used the credentials stored there to access different services used by Ferri, including a crypto exchange.

Since their focus was only on stealing cryptocoins, they exploited only that data and did not misuse any of the other critical information to acquire other assets of the victim.

Targets are Crypto-influencers

The officials point out that the targets of SIM swapping cryptocurrency robberies are typically crypto influencers who are vocal on multiple platforms, encouraging the use and adoption of cryptocurrencies. The social media accounts of such personalities are highly coveted; they are also called “OG accounts” and have a resale value of thousands of dollars.

Weak Carrier software allowed exploitation

The criminals used the weak software layer at the mobile carriers’ end to complete these heists. In the case of T-Mobile, a website bug allowed hackers to view the personal account of a customer when they used the target’s phone number along with a simple internal tool used on T-Mobile’s platform (which they could access via the open internet). This access allowed them to obtain the PIN used by the victim on their mobile phone.
