Crypto Theft: $1 Million Worth Digital Assets Stolen in SIM Swap Heist
A teenage hacker tapped into 75 mobile phones in a massive identity theft spree which allegedly netted him a million dollars’ worth of crypto assets.
Crypto Targeted in Phone Jacking Spree
According to reports Brooklyn, New York-based Yousef Selassie stole the identities of 75 people via their smartphones in an effort to steal $1 million in cryptocurrency.
The nineteen-year-old used a sophisticated SIM swapping technique operated from the comfort of his downtown apartment. According to the Manhattan District Attorney’s Office Selassie hijacked the phones of people in 20 different states between January and May this year.
By transferring his victim’s phone numbers to his own iPhones he was able to reset their email passwords and cryptocurrency accounts.
According to cybersecurity firm Norton SIM swapping involves exploiting weaknesses in two-factor authentication and verification in which the second step is a text message (SMS) or call to the mobile phone number.
To take over the SIM and number scammers often call the mobile service provider impersonating the victim and claiming that they have lost their SIM card and number.
They will ask the provider to activate a new SIM card, in their possession, which will port all of the victim’s personal data including the number to the attacker’s device. Once this happens the victim’s phone goes offline.
There may be security questions involved so the attacker will use phishing attacks or social media profiles to glean the answers to them. Facebook has become a hotbed of nefarious activity due to the fact that people are too quick to share personal information.
Once the perp has access to the phone number they can use it for communication with banks or in this case crypto accounts that use two-factor authentication.
According to the report the cryptocurrency was stolen from just two of Selassie’s victims. He was arrested on December 5 in Corona, California, and extradited to New York.
On Wednesday he pleaded not guilty to 87 counts of grand larceny, identity theft and other charges at Manhattan Supreme Court.
Cryptocurrency Community Targeted
According to ZDNet May, this year was an active month for SIM swapping with numerous cases being reported on crypto social media.
Attackers had started focusing on members of the crypto community and it was not hard to find them on twitter. The report posted a number of tweets from US-based crypto traders and investors indicating that it may have been a coordinated series of attacks.
SIM swapping attacks emphasize how vigilant crypto holders need to be now, especially if also active on social media.
What do you think about this massive crypto heist? Share your thoughts in the comments below.
Image via Shutterstock