The UK National Crime Agency (NCA), working in concert with the US Secret Service, Department of Homeland Security, Federal Bureau of Investigation, and Santa Clara DA’s Office, have arrested eight men, aged 18 to 26, in England and Scotland in regards to SIM Swap hacks of “high profile victims in the US” that included influencers, sports stars, and musicians. The NCA states that the perpetrators used the attacks to steal Bitcoin, money, and personal information.
Europol reports that these arrests follow earlier ones in Malta and Belgium of other individuals belonging to the same criminal network thus bringing the total to ten perpetrators involved in the scam. The year-long investigation pursued activity in the UK, United States, Belgium, Malta, and Canada.
A SIM Swap hack is when a criminal takes over an individual’s phone by replacing the SIM card in a smartphone – perhaps in cahoots with an individual working at a wireless company. Once the phone is hijacked, the perpetrator can gain access to email accounts and other information by resetting the passwords of users that have enacted 2-factor identification. In recent years, numerous reports have emerged of SIM Swap crooks stealing millions from cryptocurrency accounts that are easily transferred to other digital wallets. The NCA did not reveal approximate amounts of money nor crypto that were allegedly stolen but Europol reported that $100 million in crypto was pilfered.
The NCA led the UK investigation into these attacks which reportedly targeted numerous victims throughout 2020.
NCA Cyber Crime officers were said to have uncovered a network of criminals in the UK working together to access victims’ phone numbers and take control of their apps or accounts. The perps also hijacked social media accounts to post content and send messages masquerading as the victim.
NCA said that they and US investigators notified individuals when they had been targeted and where possible, prior to the criminals managing to cause any damage. The victims were then advised on how to prevent the impending attack.
Coordinated by the NCA, the investigation also involved officers from Police Scotland, the Metropolitan Police Service, East Midlands, and North East Special Operations Units, and the West Midlands Regional Organised Crime Unit.
Paul Creffield, head of operations in the NCA’s National Cyber Crime Unit, commented on the arrests:
“SIM swapping requires significant organization by a network of cybercriminals, who each commit various types of criminality to achieve the desired outcome. This network targeted a large number of victims in the US and regularly attacked those they believed would be lucrative targets, such as famous sports stars and musicians. In this case, those arrested face prosecution for offences under the Computer Misuse Act, as well as fraud and money laundering as well as extradition to the USA for prosecution. As well as causing a lot of distress and disruption, we know they stole large sums from their victims, from either their bank accounts or bitcoin wallets.
Creffield added that cyber scams are not restricted by borders and the investigation was indicative of successful collaboration with international partners in the US and Europol, as well as their own law enforcement colleagues in the UK.
Assistant Director Michael D’Ambrosio, U.S. Secret Service Office of Investigations, added:
“The multi-jurisdictional arrests announced today illustrate the importance of building strong partnerships. The Secret Service would like to thank our domestic and international law enforcement partners for their steadfast commitment and cooperation in this case. The Secret Service and our law enforcement partners remain ready to combat transnational crimes and to hold offenders accountable.”