Home / Archive / $2.4 Million Crypto Thieves Bribed Carrier Employees in SIM Hijacking Heist

$2.4 Million Crypto Thieves Bribed Carrier Employees in SIM Hijacking Heist

Last Updated March 4, 2021 2:31 PM
Mark Emem
Last Updated March 4, 2021 2:31 PM

By CCN.com: SIM hijacking has proven to be yet another lucrative way to steal crypto with millions of dollar now reported to have been stolen over the years with the amount that has gone unreported possibly eclipsing that.

The latest such case involves nine individuals who have now been charged by prosecutors from the US Attorney’s Office for the Eastern District of Michigan. Per the prosecutors, the nine either participated or aided in stealing crypto worth over $2.4 million.

Six of them face charges of wire fraud, conspiracy to commit wire fraud and aggravated identity theft. Three others on the charge sheet have been indicted for ‘wire fraud in relation to the conspiracy’.

An Average of over $0.3 Million Worth of Crypto Stolen in Each Attack

According  to the United States Attorney’s Office Eastern District of Michigan, this amount was stolen in seven attacks. This translates to an average haul of more than $345,000 for each attack.

In SIM hijacking, hackers remotely activate their victim’s mobile phone number on a SIM card that is in their possession. Typically, it requires the bad actors to connive with insiders. Six of the nine individuals belonged to a hacking group known as ‘The Community’. According to the Justice Department press release, SIM swapping by The Community hacking group was ‘often facilitated by bribing an employee of a mobile phone provider’.

In this particular case three of the nine individuals, Jarratt White, Robert Jack and Fendley Joseph, were employees of the cell phone service providers. The wireless carriers were not named.

Once ‘The Community’ had gained control of their victim’s SIM card, they used the number to access email and crypto exchange accounts.

Irish Crypto Sim Hijacker to Be Extradited

Five of the members of The Community hacking group, Ricky Handschumacher, Colton Jurisic, Reyad Gafar Abbas, Garrett Endicott and Ryan Stevenson are U.S. citizens while one, Conor Freeman is Irish. Already, the U.S. has sought the extradition of Freeman who was arrested last week.

According to The Journal , the first arrest of a member of The Community took place last year in May. This arrest helped authorities identify other members of the hacking group when they gained access to his devices.

Firefighter Turns out to Be the Arsonist

Interestingly, one of the members of the hacking group, Ryan Stevenson, has previously been hailed as an online security hero. Stevenson, who hails from Connecticut, was last year gifted $1,000 by the third largest mobile provider in the U.S., T-Mobile. This was after identifying a vulnerability on T-Mobile’s website  which allowed anyone to access customer account PINs and home addresses.

However, this is not the first time he is in the spotlight for nefarious activities. In November last year, an investigative report by Krebs on Security , claimed Stevenson, who goes by ‘Phobia’ online, had, while collecting T-Mobile’s bug bounty, also been selling ‘doxing’ (searching for and publishing identifying information online) services for just about any carrier in the U.S.