$100 Million Worth of Crypto Stolen From Celebrities
Ten people have been arrested in connection with the theft of $100 million in cryptocurrencies. The criminals used a method called SIM-swap, which means taking over a victim's phone number to withdraw funds from their bank account.
- A coordinated action between Europol and law enforcement authorities led to the capture of the 10 perpetrators of SIM-swap-fraud attacks;
- The countries involved were the USA, UK, Malta, Belgium and Canada;
- The criminals 'stole' over $100 million.
The investigation conducted by Europol with the support of law enforcement agencies of the USA, UK, Malta, Belgium, and Canada led to the capture of 10 criminals belonging to a group specializing in SIM-swap attacks. The thieves may have acquired a sum exceeding even $100 million in cryptocurrencies. According to Europol's press release, the victims were mainly celebrities, influencers, sports stars, musicians and their family members.
The criminal group of 12 people used a method of swapping SIM cards to gain access to phone authentication services. This mechanism is called SIM-swap-fraud, SIM-splitting, or SIM-jacking. The loot was not only money and cryptocurrencies, but also personal information and contact lists. Phone thieves also highjacked social media accounts, enabling them to post content and send messages, impersonating the victim.
Europol
Established in the 1990s, the European Union Agency for Law Enforcement Cooperation, better known as Europol - a law enforcement agency that investigates crime and terrorism cases by coordinating cooperation between the relevant police departments of EU member states.
How SIM-swap-fraud works
This type of theft uses the victim's phone number to take control of their bank accounts. The scheme is as follows:
- The criminal acquires the victim's basic data, phone number, bank account number;
- They use the information with the mobile network operator to issue a duplicate SIM card;
- The victim's number is used to call an online banking operator and changing the passwords;
- The thieves use the 'intercepted' phone number (two-step authentication codes are sent on the phone) to log into bank accounts and transfers funds to his/her own account.
An Europol investigation launched in spring 2020 revealed that criminals happen to use the "services" of bribed individuals during the phase described in the second point of the list. It seems that the ease of obtaining a new SIM card, as well as the vulnerability of two-step authentication, are the most important elements of this method.
How not to become a victim of such attack
Although such a theft seems very dangerous, it has quite a significant weakness. If we are attentive, we can spot that we are a victim of such an attack. At the moment of registration of a duplicate SIM card made by the criminal, our number will suddenly lose coverage. A message about an inactive SIM card may also be displayed. We should then immediately call the operator (even using another phone) and explain the matter. If the consultant confirms that the lack of coverage is the result of a duplicate card being present, we should immediately contact the bank and block the phone verification methods. Only quick reaction can protect us from losing money.
The whole process starts with acquisition of our data, which is necessary for the process of getting a duplicate SIM from the operator. Criminal usually does it by mail-phishing or by buying data from leaked databases. That is why we should be careful when browsing emails and do not open suspicious messages. It is also worth changing the passwords to our accounts on a regular basis and not to bind important services with a phone number without a need.