After a period of relative quiet during the first part of this year, “CryptoTwitter” started lighting up late last month with reports of a spate of SIM-swap hacks being waged against known American personages in the crypto investing world, ZDNet reports.
In a SIM-swap hack, attackers take control of a victim’s cell phone and use the phone’s 2FA (2-factor authentication) application to access an owner’s personal accounts, including social media, cryptocurrency exchange and cryptocurrency wallet accounts.
Some of the CryptoTwitter personalities reported that they had successfully repelled attacks against their crypto accounts, but that their social media accounts had been taken over and that hackers were using them to solicit cryptocurrencies from their followers:
Police officers working for the Santa Clara, California-based REACT (Regional Enforcement Allied Computer Team) task force were remarkably efficient in 2017 and 2018 at identifying, arresting and prosecuting more than a dozen prolific SIM-swap conspirators in the US and abroad who collectively stole millions from their victims.
Many of those culprits, including, 21-year-old New Yorker Nicholas Truglia and 18-year-old Boston-area high school valedictorian Joel Ortiz, are now in custody, and Ortiz is serving a ten-year prison sentence.
In November of last year, REACT Task Force Detective Caleb Tuttle told Krebs on Security that most SIM-swap hacks appeared to be being abetted by telecom employees:
“Most of these SIM swaps are being done over the phone, and the notes we’re seeing about the change in the [victim’s] account usually are left either by [a complicit] employee trying to cover their tracks, or because the employee who typed in that note actually believed what they were typing,’…(after being) tricked by a complicit co-worker at another store who falsely claimed that a customer there had already presented ID.”
CryptoTwitter personage Chris Robison tweeted about a recent series of SIM-swap attacks he experienced and also claimed the attacks featured evidence of collaboration with and a cover up by a telecom insider: