Crook sentenced to 18 months for stealing $20M in SIM swapping attack

Pierluigi Paganini December 06, 2022

Nicholas Truglia, from Florida, US, was sentenced to 18 months in prison for stealing more than $20 million in a SIM swapping scheme.

DoJ announced that Nicholas Truglia (25) was sentenced to 18 months in prison for the theft of over $20 million worth of cryptocurrency through SIM swapping attacks. The man was ordered to pay $20,379,007 in restitution to the victim within 60 days. 

“Nicholas Truglia and his associates stole a staggering amount of cryptocurrency from the victim through a complex SIM swap scheme.” said U.S. Attorney Damian Williams. “Nevertheless, today’s sentencing goes to show that no matter how sophisticated the crime is, this Office will continue to successfully prosecute those who choose to defraud others.”

In January 2018, Truglia participated in a fraudulent scheme to hack into online accounts of the victims to steal cryptocurrency. The man gained unauthorized access to the online accounts of the victims through SIM swapping attacks.

Crooks conduct SIM swapping attacks to take control of victims’ phone numbers tricking the mobile operator employees into porting them to SIMs under the control of the fraudsters. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones.  

According to the indictment, one of the accounts compromised by Truglia contained over $20 million worth of cryptocurrency, which was transferred to accounts under his control.

The man shared the funds with other participants in the scheme and kept approximately $673,000 worth of the stolen funds.

The account compromised by Truglia was owned by the cryptocurrency investor Michael Terpin, who filed a complaint claiming that three million tokens worth $23.8 million had been stolen from his mobile phone in 2018. In May 2019, Terpin won $75.8 million in a civil case against Truglia, who reportedly defrauded him of crypto assets.

Truglia pleaded guilty in late 2021, and last week has been sentenced to 18 months in prison and three years of supervised release. He was also ordered to forfeit $983,010.72.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, SIM swapping)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment