Nine men have been charged for their alleged role in a major SIM swapping operation designed to bypass log-in security to steal millions in cryptocurrency from their victims.
Dubbed “The Community” by investigators, the group of individuals in their teens and 20s includes six alleged cyber-criminals and three former employees of mobile phone companies who are said to have helped them.
The former are charged with conspiracy to commit wire fraud, wire fraud and aggravated identity theft, while the latter are charged with wire fraud in relation to the conspiracy.
They all hail from the US, apart from Conor Freeman, 20, of Dublin.
The SIM swapping conspiracy they are said to have been involved in will be familiar to industry watchers.
First, the group gains control of a victim’s mobile phone number, either by bribing an employee of a carrier, or posing as the victim and tricking a customer service operative into swapping the number to a SIM controlled by the group.
They then use control of the phone to unlock digital currency accounts, for example by intercepting the 2FA codes often send by SMS.
The defendants are alleged to have executed seven attacks that resulted in the theft of cryptocurrency valued at around $2.4m.
“Mobile phones today are not only a means of communication but also a means of identification,” stated US attorney Matthew Schneider. “This case should serve as a reminder to all of us to protect our personal and financial information from those who seek to steal it.”
SIM swapping cases are becoming increasingly common. Last November, a Manhattan man was charged with allegedly stealing over $1m from various business executives.
In August last year, a US entrepreneur and cryptocurrency investor filed a $223m lawsuit against AT&T after a store employee allegedly helped fraudsters steal $24m of his digital funds, in another SIM swap attack.