Researcher warns of a MacOS vulnerability that Apple refuses to correct
infosec

Researcher warns of a MacOS vulnerability that Apple refuses to correct

According to an Italian security researcher named Filippo Cavallarin, macOS Mojave 10.14.5 and younger are vulnerable to a ...
Read More
infosec

The Pentagon: Educates the cyber-squire for a world war on a deserted island!

The Pentagon: Few have access to Plum Island in which a secret branch of the US government is located and performs exercises ...
Read More
infosec tweaks

New generation malware and ways of protection: What you need to know

Every day we hear about new attacks by hackers on companies, organizations, and even individuals. The worrying is that the scammers ...
Read More
infosec

Google Play Protect protects your device from malware. Turn it on!

Due to the recent vulnerability of WhatsApp that enabled hackers to remotely install spyware on both ...
Read More
infosec

Hackers stole sensitive NederWoon customer information

A home rental company, NederWoon, has been hit by hackers. Hackers managed to get into the company's systems ...
Read More
Latest Posts

Prisoners hackers for the theft of millions of dollars through SIM swapping assault

YESThe Ministry of Justice of USA found guilty 9 people for 2,5 theft of millions of dollars. Six of the perpetrators belonged to a group of hackers, called "Community". The other three were former employees in mobile telephony companies. According to the indictment, 3 former employees helped hackers steal cryptocurrency worth of 2,5 million dollars through "SIM swapping" attacks.

Five of the six members of the Community group are of American origin, and the sixth member is from Ireland. 15 has been accused of criminal offenses, including theft of money and theft identity.

The former employees of the companies are Americans.

The defendants' information has been published:

Team hackers «Community »

Conor Freeman, 20 years old, from Ireland

Ricky Handschumacher, 25 years old, from Florida

Colton Jurisic, 20 years old, from Iowa

Reyad Gafar Abbas, 19 years old, from New York

Garrett Endicott, 21 years old, from Missouri

Ryan Stevenson, 26 years old, from Connecticut

Former employees

Jarratt White, 22 years old, from Arizona

Robert Jack, 22 Years, from Arizona

Fendley Joseph, 28 years old, from California

In SIM swapping attacks, attackers transfer the victim's phone number to a SIM card they manage themselves.

Initially, the perpetrators get user data either using the phishing technique or by buying them at Dark webwhere stolen user data is found. Having this information, communicating with mobile operators and pretending victim users, they are asking for a replacement of the old SIM card with a new one, on the grounds that the old one was lost or stolen.

Companies ask a few questions to be sure they are talking to the holder of the number, but the hackers, with the information they have, can answer them correctly. Then, they are able to cancel the old SIM card and activate a new one.

Once the new SIM is activated, the perpetrators can handle the victim's account, make calls, read and send messages, access codes, trade, and more.

"SIM Hijacking" or "SIM Swapping" is a technique of identity theft. It does not exploit any particular one vulnerability. Virtually exploits the cell phone number.

So, in this case, the "Community" team took control of the victims' mobile phones, using the number and some personal data.

According to the court, the former employees of the companies helped the hackers to acquire the new SIM.

According to the charges, the perpetrators made seven attacks and stole 2,5 millions of dollars from the victim's cryptocurrency exchange wallets. The money was transferred to purses handled by the perpetrators.

The sentence imposed on them by the court is 20 years of imprisonment. Those who participated in the theft of personal data (and not just money) will be punished for two more years.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *