A 20-year-old college student that has stolen more than $5 million worth of cryptocurrency through SIM swapping attacks gets a 10 years jail sentence.
Joel Ortiz, a young hacker (20) who stole more than $5 million worth of cryptocurrency by hijacking victims’ phone numbers has pleaded guilty for “SIM swapping” attacks.
The college student accepted a sentence of 10 years in prison for SIM hijacking attacks against at least 40 victims.
Ortiz was arrested last year on charges of hijacking victims’ phone numbers and stealing millions of dollars in cryptocurrency.
In SIM swap frauds crooks are able to port the phone number of the victims to a new SIM card under their control.
A SIM swap fraud is a type of fraud that overwhelms the additional security measures introduced by organizations to protect their customers.
Attackers obtain victims’ information by launching a phishing campaign, or by purchasing them in the underground market.
Crooks use the information gathered on the victims in the attempt to impersonate them in front of a telco operator and ask it to provide a new SIM to replace the old one that was lost or stolen.
They can prove their identity by answering basic security questions and requesting the cancellation of the old SIM and the activation of a new one. Once obtained a new SIM, crooks can operate with the victim’s mobile account, intercepting or initiating calls, accessing SMSs (including authorizations codes sent by bank and cryptocurrency exchanges) and to authorize transactions.
Joel Ortiz is the first hacker that was condemned to the jail for SIM swapping.
“The authorities think the slow but constant drip of arrests, and Ortiz’s sentencing, will send a clear message to those who are still out there.” reported Motherboard.
“Each arrest that we made sent shockwaves through that community,” West said. “That hey weren’t safe in their basement, they weren’t safe in their room in their mom’s house, that they were being tracked down and arrested—one by one.”
The sentence aims to send a clear message to SIM swappers, authorities will not tolerate this kind of crime and will persecute them with severe penalties.
According to Deputy District Director Eric West of Santa Clara County, California, Ortiz accepted a plea deal for 10 years last week, the official sentencing is set to take place on March 14th.
The case is not isolated, other hackers responsible for SIM swapping are waiting for the sentence.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.