[Krebs on Security] Convicted SIM Swapper Gets 3 Years in Jail

Krebs on Security has posted a new item. A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. The defendant is part of an alleged conspiracy involving at least eight others in the United States who stand accused of theft via SIM swapping, a crime that involves convincing mobile phone company employees to transfer ownership of the target's phone number to a device the attackers control. Conor Freeman of Dublin took part in the theft of more than two million dollars worth of cryptocurrency from different victims throughout 2018. Freeman was named as a member of a group of alleged SIM swappers called "The Community" charged last year with wire fraud in connection with SIM swapping attacks that netted in excess of $2.4 million. Among the eight others accused are three former wireless phone company employees who allegedly helped the gang hijack mobile numbers tied to their targets. Prosecutors say the men would identify people likely to have significant cryptocurrency holdings, then pay their phone company cohorts to transfer the victim's mobile service to a new SIM card -- the smart chip in each phone that ties a customer's device to their number. A fraudulent SIM swap allows the bad guys to intercept a target's incoming phone calls and text messages. This is dangerous because a great many sites and services still allow customers to reset their passwords simply by clicking on a link sent via SMS. From there, attackers can gain access to any accounts that allow password resets via SMS or automated calls, from email and social media profiles to virtual currency trading platforms. Like other accused members of The Community, Freeman was an active member of OGUsers, a forum that caters to people selling access to hijacked social media and other online accounts. But unlike others in the group, Freeman used his real name (username: Conor), and disclosed his hometown and date of birth to others on the forum. At least twice in the past few years OGUsers was hacked, and its database of profiles and user messages posted online. According to a report in The Irish Times, Freeman spent approximately €130,000, which he had converted into cash from the stolen cryptocurrency. Conor posted on OGUsers that he spent approximately $14,000 on a Rolex watch. The rest was handed over to the police in the form of an electronic wallet that held the equivalent of more than $2 million. Please use the link above to continue reading this posting. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * The 2020 Threat Hunting Report While many SOCs are struggling to cope with the current security threat workload, organizations are making the switch to include threat hunting as part of their security operations. They are discovering that proactive threat hunting can reduce the risk and impact of threats while improving defenses against new attacks. Discover the full results of the 2020 Threat Hunting Report. Download Now: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * You received this e-mail because you asked to be notified when new updates are posted. Best regards, BrianKrebs P.S. You may manage your subscription here: