Police in Manhattan have arrested and charged Nicholas Truglia, 21, with 21 counts of felony crimes related to hacks he allegedly conducted against 6 individuals, including a $1 million USD theft of cryptocurrencies from Silicon Valley executive Robert Ross.
According to the New York Post, Truglia is presently being held at the Manhattan Detention Complex awaiting extradition to Santa Clara, California, where he will answer to charges of grand theft, altering or damaging computer data with the intent to defraud and using personal information without authorization.
According to police, Robert Ross’s phone suddenly went dark on October 26th after which thieves robbed $500 000 of Ross’s cryptocurrency from a Gemini account and another $500 000 from a Coinbase account.
Ross said the stolen funds included his two daughters’ college fund and his entire life savings.
SIM-swap attacks have become so popular that the Santa Clara-based REACT Task Force, a California law enforcement unit dedicated to fighting cybercrime, recently told Krebs on Security that it is focussing most of its attention on this type of scam.
In a SIM-swap attack, a hacker convinces a telecom employee to port a victim’s cellphone information to their own “burner” phone so they can access any password or identifying data on the phone that might help them advance a theft, including a victim’s two-factor authentication app.
Members of REACT reportedly flew to New York on November 14th to aid in the arrest of Truglia.
“The takeaway here to the hackers is, ‘We don’t care where you’re located, we are a task force based in Silicon Valley, and our reach is nationwide,” deputy DA Erin West of Santa Clara Superior Court told The Post.
Previously, it was thought that hackers were impersonating victims and asking telecom employees to activate a new phone after a previous phone had been “lost.”
But a notable revelation unearthed in the Krebs investigation is that REACT members now believe many SIM-swap hacks are being aided by cooperating telecom employees with full knowledge of the hack.
Also targeted by Truglia, though unsuccessfully, were Saswata Basu, CEO of 0Chain; Myles Danielsen, VP at Hall Capital Partners, and Gabrielle Katsnelson, the co-founder of SMBX.
Police believe Truglia was acting with a “crew” of others in a spate of hacks that began October 8th.
Photos of Truglia published by The Daily Mail show him living large on a private jet and with friends at a nightclub.
Police arrested Truglia at his reportedly posh Manhattan apartment on 42nd street, where they found a hardware-wallet device, very similar to a thumb drive, that Truglia was allegedly using to store $300 000 in stolen funds.