Two men from Massachusetts, have been charged by US prosecutors for a dark web fraud which targeted the cryptocurrency wallets of high-value targets, by creating Sim swapping attacks. According to the US Department of Justice (DoJ), the two defendants in this Sim swapping fraud were charged in Boston’s District court and now face lengthy sentences if found guilty.
According to an 11-page indictment, the culprits, 20-year-old Declan Harrington and 21-year-old Eric Meiggs, were charged with eight counts of wire fraud , one count of aggravated identity theft, one count of conspiracy, and one count of computer fraud and abuse. Reports from the Department of Justice, states that the Sim swapping fraud only targeted high-ranking executives of top cryptocurrency companies, owners of expensive social media accounts and crypto investors with vast sums of digital coins in their wallet.
Image Source: https://www.pandasecurity.com
The Massachusetts pair, ran the Sim swapping fraud, by subjecting their victims to a series of Sim-swapping attacks. These attacks will see a threat agent, attempt to gain control over mobile phone numbers, without the permission or consent of the real owners. The Sim swapping attacks were carried out using a no technical strategy, by directly calling service providers, and then requesting for a transfer of data on a particular number to a different Sim. The real numbers of victims, were usually bought on the dark web, along with some personal details.
In instances where a Sim-swap was successful, the two fraudsters would use the stolen phone number to request password changes for private email accounts, social media handles and accounts, and financial statements. The fraudsters also avoided two-factor authentication processes for any account, by obtaining the verification codes sent to the number they have successfully stolen.
Once the fraudsters lay their hands on the information they are after, they then use it to scorch through private emails, hijack accounts, and access online cryptocurrency wallets, stealing funds and then transferring them to a different cryptocurrency wallet owned by them. According to the US prosecutors, the Boston fraudsters, stole over $550,000 in cryptocurrency, from the wallets of their victims to their crypto wallet and used fake information from the dark web to in a bid to avoid law enforcment. Meiggs and Harrington also hijacked two valuable social media accounts.
An additional investigation also revealed that the two fraudsters targeted ten officials of many cryptocurrency exchanges and raided their online crypto-wallets. Some of these officials were targeted through their Sim swapping fraud, and locked them out of their Yahoo and Gmail accounts and took over. The two fraudsters, obtained the names of their targets on the dark web and proceeded to attack them.
Reports state that Meiggs, in an attempt to gain control over one valuable Instagram account, threatened the family members of the owner, and even went as far as stating that he would kill the wife of the account owner. The owner of the account eventually gave in to the demands of the Boston fraudster and surrendered his logins. In another instance, the two fraudsters traded the phone number, which had been Sim-swapped to a victim, in exchange for her valuable Instagram account.
Image Source: www.thehindubusinessline.com
Sim swapping frauds usually take a long time to deliver, as victims easily recognize that their phone numbers are no longer receiving messages or calls. Many people have fallen victim to this fraud in the past few years. The ever-growing mobile-centric world has made it easier for fraudsters to cancel and re-activate Sims, and then hacking into the personal accounts of the owner. With hackers also hitting the dark web with numeorus stash of stolen credentials, as well as internet banking now being the standard practice of many people, fraudsters have also taken advantage of that to swindle people out of their funds.
Just last year, one Michael Terpin, a cryptocurrency investor, fell victim to Sim Swapping fraud within seven months, which saw him lose almost $24 million worth of cryptocurrency from his online cryptocurrency wallet. After Terpin discovered that he had been defrauded, he filed a $224 million lawsuit against his service provider at that time, wireless network carrier AT&T, claiming that they allegedly provided his access information to the fraudsters.
The fraudster who stole the funds from Terpin’s online cryptocurrency wallet, Nicholas Truglia, a 21-year-old, was arrested, and in May 2019, he was ordered by a court to pay the victim an amount of over $75 million in compensatory and punitive damages. Terpin, after falling victim to a Sim-swapping fraud, wrote an open letter to Ajit Pai, the Chairman of the United States Federal Communication Commission (FCC).
In Terpin’s letter, he stated that Sim Swapping fraud had become rampant, reaching the level of becoming a potential financial defraud. He added that, due to his experience in the cryptocurrency and blockchain world, he has bear witness to some of these frauds, which saw victims lose cryptocurrencies worth over millions of dollars. Terpin, however, suggested that US mobile carries should be banned from sharing private pins and passwords with their employees and make options of a high-security plan, available to all customers.
Source: Mash Viral
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.