Europol said on Wednesday it had assisted in the arrest of 10 hackers suspected of stealing $100 million in cryptocurrency in as “SIM-swapping” attack that allowed suspects to gain access to their victims’ phones.
The attacks orchestrated by this criminal gang targeted thousands of victims throughout 2020, including famous internet influencers, sport stars, musicians and their families.
This international sweep follows a year-long investigation jointly conducted by law enforcement authorities from the United Kingdom, United States, Belgium, Malta and Canada, with international activity coordinated by Europol.
Initiated in the spring of 2020, the investigation uncovered how a network composed of a dozen criminals worked together to access the victims’ phone numbers and take control of their apps or accounts by changing the passwords.
This enabled them to steal money, cryptocurrencies and personal information, including contacts synced with online accounts. They also hijacked social media accounts to post content and send messages masquerading as the victim.
This type of fraud is known as ‘sim swapping’ and it was identified as a key trend on the rise in the latest Europol Internet Organised Crime Threat Assessment. It involves cybercriminals taking over use of a victim’s phone number by essentially deactivating their SIM and porting the allocated number over to a SIM belonging to a member of the criminal network.
This is typically achieved by the criminals exploiting phone service providers to do the swap on their behalf, either via a corrupt insider or using social engineering techniques.
