11 February 2021

Police in Europe arrest SIM hijackers who stole over $100M in cryptocurrencies from US celebs


Police in Europe arrest SIM hijackers who stole over $100M in cryptocurrencies from US celebs

European police have arrested 10 people for the their alleged role in a series of SIM swapping attacks targeting high-profile victims in the US. UK authorities arrested eight people on Tuesday in England and Scotland, while two others had been previously detained in Belgium and Malta.

The suspects were allegedly part of a criminal network that was believed to have stolen personal information and more than $100 million in cryptocurrencies by hijacking mobile phones belonging to celebrities, internet influencers, sports stars and musicians.

“Initiated in the spring of 2020, the investigation uncovered how a network composed of a dozen criminals worked together to access the victims’ phone numbers and take control of their apps or accounts by changing the passwords,” Europol said in a press release. “This enabled them to steal money, cryptocurrencies and personal information, including contacts synced with online accounts. They also hijacked social media accounts to post content and send messages masquerading as the victim.”

A SIM swap attack (also known as SIM porting or SIM hijacking) involves an attacker tricking a mobile phone service provider into transferring a customer’s phone number from the customer’s SIM card, to the attacker’s SIM card. To achieve that, an attacker pretends to be the customer, often using information gleaned from social media to answer security questions that the provider asks. Once the attacker has the target’s mobile phone number transferred to their SIM card, they can then stealthily access the target’s SMS messages or voice mails.

The arrests were the result of a joint investigation by UK, US, Canadian, Belgian and Maltese police, Europol said. The agency did not specify who the celebrity victims were.

Back to the list

Latest Posts

Researchers discover connection between SunCrypt and QNAPCrypt ransomware

Researchers discover connection between SunCrypt and QNAPCrypt ransomware

SunCrypt may be an updated version of the QNAPCrypt ransomware.
4 March 2021
Cybersecurity firm Qualys appears to be the latest victim of Accellion FTA zero-day attacks

Cybersecurity firm Qualys appears to be the latest victim of Accellion FTA zero-day attacks

The cybercriminals behind the Clop ransomware operation have posted screenshots of files allegedly stolen from Qualys on their leak site.
4 March 2021
CISA orders federal agencies to ‘immediately’ patch Exchange flaws exploited by hackers

CISA orders federal agencies to ‘immediately’ patch Exchange flaws exploited by hackers

Several APT groups are exploiting "at least" the CVE-2021-26855 Microsoft Exchange Server vulnerability as part of ongoing attacks, ESET says.
4 March 2021