It is enough to go around social networks to understand that cryptocurrencies have become a religion. With the same passion with which the participants of the Council of Nicaea argued for or against certain doctrinal aspects, arguments can be read as to why Bitcoin or similar are immune to economic cycles, government actions, speculative practices and criminal attempts.
But evildoers always manage to do their thing
Stealing cryptocurrencies using SIM. A very common practice.
Garrett Endicott, 22, a native of the US state of Missouri, was identified as the sixth (and last) member of a gang of cybercriminals known as The Community. Endicott, pleaded guilty to the charges of wire fraud and aggravated identity theft after which he received a sentence of 10 months in prison and was ordered to pay a total amount of $ 121,549.37 in restitution for the stolen goods.
According to the Department of Justice, the band was engaged in SIM swapping, also called SIM hijacking. It consists of an identity theft scheme in which malicious parties persuade telephone operators to ttransfer their victims' cellular services to criminals-controlled SIM cards. In some cases, bribed company employees are involved, while in others criminals contact the provider's customer service posing as the victim.
By gaining control of the phone numbers, criminals can use it as a starting point to hijack the different online services that the victim operates with.such as email, cloud storage, and cryptocurrency exchange accounts. In this way they can neutralize security measures such as passwords and unique verification codes that are sent through SMS messages as part of the two-factor authentication (2FA) process,
According to information from the Department of Justice, the members of the gang used this method mainly against victims from the states of California, Missouri, Michigan, Utah, Texas, New York and Illinois. Although they also extended their activities to the rest of the country. What was stolen from the victims ranged from two thousand to five million dollars.
The other members of the gang, aged between twenty-two and twenty-eight, were sentenced to between two and four years in prison.
Acting United States Attorney Saima Mohsin practicing in the Eastern District of Michigan explained:
The actions of these defendants resulted in the loss of millions of dollars to the victims, some of whom lost all of their retirement savings. This case should serve as a reminder for all of us to protect our personal and financial information from those who seek to steal it.
It is not the first news of a band that operates in the same way. Earlier this year, Europol coordinated an investigation involving police officers from the UK, the US, Belgium, Malta and Canada. In this case, the target was celebrities and Internet influencers and what was stolen totaled more than one hundred million in cryptocurrencies. A year earlier, Europol itself led an operation to dismantle two criminal SIM swapping groups that stole 3,5 million euros ($ 3,9 million) by orchestrating a wave of more than 100 attacks targeting victims in Austria, emptying their bank accounts through their phone numbers.
From Europol they recommend that users keep their device software updated, limit the exchange of data online and enable two-step authentication through apps instead of receiving an authentication code sent by SMS. If possible, do not associate the phone number with our online accounts.
Someone once told me that the component that fails the most in a computer system is the one between the keyboard and the back of the chair. It is clear that no matter how secure a technology is, as long as there is a human being in the middle, criminals are going to find some vulnerability.