Authorities Arrest SIM Swapping Gang that Targeted Celebrities (zdnet.com) 29
Eight men were arrested across England and Scotland this week as part of a coordinated crackdown against a SIM swapping gang that has hijacked the identities and social media profiles of US celebrities. From a report: The UK National Crime Agency, which made the arrests on Tuesday, said the gang targeted well-known sports stars, musicians, and influencers, primarily located in the US. "These arrests follow earlier ones in Malta (1) and Belgium (1) of other members belonging to the same criminal network," Europol, which coordinated the multi-national investigation, said today. Officials said this gang engaged in SIM swapping attacks, where they tricked US mobile operators into assigning a celebrity's phone number to a new SIM card under the attacker's control. While they had access to the victim's phone number, the SIM swappers would reset passwords and bypass two-factor authentication on the victim's accounts. "This enabled them to steal money, bitcoin and personal information, including contacts synced with online accounts," the NCA said. Europol said the gang stole more than $100 million worth of cryptocurrency using this method
Doesn't make sense (Score:1)
Why would they target celebrities? Celebrities have a jillion eyeballs and cameras on them and their dwellings. Rich nobody's would be a better target.
Re: (Score:1)
There are many who get rich off of real-estate, stocks, private investing, etc. who are more or less hermits and like it that way.
Re: (Score:1)
If they can't find out who the quiet rich people are, they are not very good hackers. Well, okay, I agree we may be seeing the dumber hackers at work here. The good ones wouldn't be making news. Stupid crooks make the news more often than smart crooks.
Re:Doesn't make sense (Score:5, Insightful)
Why would they target celebrities? Celebrities have a jillion eyeballs and cameras on them and their dwellings. Rich nobody's would be a better target.
I agree, but let us also remember that these are Sim-swapping criminals dumb enough to get caught. No doublt there are zillions of smarter ones choosing better targets and avoiding capture. May their milk curdle.
Re:Doesn't make sense (Score:5, Insightful)
Why would they target celebrities? Celebrities have a jillion eyeballs and cameras on them and their dwellings. Rich nobody's would be a better target.
For practical reasons actually, celebrities tend to be easier to research and find answers to various security questions, due to the wealth of information posted online about them due to fandom. These security questions may be harder for average folks, "What's your favorite animal?", but I'm sure you can find an interview with a celebrity where they talk about their love of leopards, pandas etc.
They also tend to have a large number of social media followers, meaning it can be more easily monetized for bitcoin scams etc.
Re: (Score:2)
Misconception. (Score:2)
Celebrities have a jillion eyeballs and cameras on them and their dwellings.
This is false because there a LOT of minor celebrities. You should consider how many "Youtubers" there are because if they have a channel with millions of subscribers then they are a celebrity. Just because you don't know they doesn't make them less of a celebrity.
Re: (Score:2)
Why would they target celebrities?
nudes.
And in next year's news (Score:1)
Inmate convicted of sim-swapping victim of sim-swap
SOMEPRISONSOMEWHERE - A prisoner from the notorious "2020 SIMSWAP gang" was a victim of his own game. He was caught after a guard heard him screaming when he found out his account at an unnamed crypto-currency exchange had been emptied. No word yet on whether prosecutors are willing to give him a lighter additional sentence for having a contraband cell phone in exchange for helping track down those who victimized him.
"Authorities arrest Sim gangs" (Score:1)
is how I first interpreted it. I was thinking the authorities had nothing better to do if they were arresting virtual people.
Re:"Authorities arrest [Sims] gangs" (Score:1)
Correction, "Sims"
TOTP (Score:1)
Google Authenticator / Microsoft Authenticator use TOTPs to authenticate rather than basic phone numbers. Why aren't apps using something similar that can't be easily stolen?
Re: (Score:2)
That's my #1 reason for never using SMS for security. Who still trust any telecom company at this point?
Re: (Score:2)
Customer service.
People lose stuff like phones. They don't back up their TOTP seeds.
Re: (Score:1)
That is what I thought... but then I got simjacked and my 2fa TOTP codes were bypassed because of google account recovery was set to my phone.
So what happens to seized crypto currencies? (Score:1)
I wonder if that seized crypto currency is just plain lost, which in theory increases the value of what remains, just as a permanently locked wallet you can't remember the password for does...
When they seize stuff they sell it (Score:2)
When the National Crime Agency seizes things - boats, cars, houses, Bitcoin, paintings, whatever, they sell the stuff at auction. You can find the auction listings with a quick Google search.
Here's one of their pages about it.
https://www.nationalcrimeagenc... [nationalcr...ncy.gov.uk]
I found it interesting what they choose for the very first sentence in their web page:
"Someone doesn't need to have been convicted of a crime for us to pursue their assets."
That's the first thing they want everyone to know?
Re: (Score:3)
"Basically, we're thugs with authorization from the government to steal the assets of anyone we want" would pretty much mean the same thing.
Re: (Score:2)
Pretty much. Just like cops stealing cash from anyone they stop on US freeways.
Re: (Score:1)
> like cops stealing cash
It's not stealing, it's civil forfeiture. Just like, we didn't 'rig the election' we 'fortified the election'. So 'legal' in both cases.
Influencers are celebrities now? (Score:2)
Is the bar so low? How culturally embarrassing.
Okay but... (Score:2)
Okay but now go after the carriers who facilitate this by making it too easy to get a new SIM issued for a number, and providing inadequate controls for consumers.
Which is most of them.
How does that work? (Score:3)
they tricked US mobile operators into assigning a celebrity's phone number to a new SIM card
How does that work? I don't understand. Why would an operator assign an existing number to a new SIM card without verifying the person's identity?
I once had lost my phone. Had to go to the carrier's shop, and show my ID before they de-activated my old SIM and gave me a new one.
Re: (Score:1)
Just hire a celebrity impersonator [youtube.com] and make a fake ID.
Re: How does that work? (Score:2)
Please also arrest the other SIM swapper (Score:1)
Because non-celebrities are equally not happy with being the victim of criminal activities.
SMS Verification -_- (Score:2)