Crypto “Sim Swappers” strike again in $1 million heist

November 25, 2018
Kane Pepi


Crypto “Sim Swappers” strike again in $1 million heist

There can be no denying that those looking to abuse the cryptocurrency industry for inquisitive gains are coming up with more and more complex avenues to achieve their goal. Whether its crypto-based mining malware, pump and dump schemes or good old identity fraud, criminals seem to be constantly improving their innovative methods.

However, a new breed of scam currently increasing its scope is that of “Sim Swapping.” As recently reported by CNBC, a hacker was able to compromise the mobile phone of a Silicon Valley executive, resulting in a heist of more than $1 million in cryptocurrency.

What is Sim Swapping?

The criminal act of Sim Swapping is a sophisticated method that allows bad actors to gain access to the data held on an unsuspecting victim’s mobile phone. The crime is not just relevant to cryptocurrencies, as it can also be utilized to access other sensitive information such as bank account login credentials and credit card numbers.

In order for the scam to work, the criminal must first obtain a range of personal information on their victim, such as their full name, address, date of birth or home telephone number.

Once this has been achieved, the next step will see the criminal contact the victim’s mobile phone service provider and claim to have had their phone lost or stolen. If they are able to convince the service provider that their claims are valid, then they will proceed to transfer the data held on the respective sim card, over to that of the hacker.

How did the heist happen?

According to the report, Robert Ross, a San Francisco-based executive, noticed that his mobile phone was suddenly unable to receive a signal, rendering it unusable. Upon contacting his service provider and finding out that his account may have been compromised, Mr. Ross proceeded to check his cryptocurrency exchange wallets. To his dismay, the victim discovered that more than $1 million had been withdrawn from his Gemini and Coinbase accounts.

The suspect, Nicholas Truglia, who has since been arrested by Santa Clara County law enforcement, has allegedly performed similar attacks on others.

It is believed that the victim had stored his exchange holdings in the form of a U.S. dollar wallet, which Truglia then converted to cryptocurrency, before withdrawing the balance in its entirety. Upon learning of the crime, law enforcement officers raided the suspects Manhattan apartment, subsequently recovering $300,000 from Truglia’s hard drive. Unfortunately, the remainder has not yet been discovered.

Sim Swapping continues to hit victims

This isn’t the first report of a crypto-related Sim Swapping scam, and it most likely will not be the last. Earlier this year, it was reported that a U.S. investor was the victim of a Sim Swap scam that resulted in the theft of more than $24 million in cryptocurrency holdings. Much like in the case of Nicholas Truglia, the hacker was able to obtain personal information on the victim, which allowed them to then proceed with the Sim Swap.

Since the theft, the victim has taken AT&T – the telecommunications provider that facilitated the swap, to court. The victim has claimed damages worth close to $224 million, with the plaintiff claiming grand-scale negligence.

Even more recently, two criminals, Joseph Harris and Fletcher Robert Childers, were arrested for their part in a $14 million crypto hack. The Sim Swap targeted the crypto project Crown Machine, who were storing their native CMCT tokens in their mobile hot wallet. Upon stealing the tokens, the suspects then transferred the funds to a variety of third party exchanges in order to mix them with other tokens.