Millions in Crypto Stolen in SIM Card Bitcoin Hijacking Scheme, Consensus Conference Targeted
California authorities arrested a 20 year-old college student who is accused of hijacking more than 40 phone numbers and stealing $5 million in cryptocurrency, according to a report from Motherboard. Court documents show that Joel Ortiz is accused of “SIM hijacking” or “mobile hacking” to steal cryptocurrency. Ortiz and unnamed accomplices targeted attendees at the blockchain conference Consensus, among other victims.
Ortiz, who is from Boston, was at Los Angeles International Airport en route to Europe when he was arrested on July 12.
Some of his victims were at the fourth annual Consensus in New York City from May 14-16. The event, which is sponsored by CoinDesk, attracted thousands of crypto investors and blockchain developers.
The hacking technique involves tricking a cell phone provider such as AT&T, Verizon or T-Mobile. To pull off the scheme, Ortiz and his crew had to impersonate their targets. They allegedly contacted the victims’ cell phone providers to request new SIM cards. The scammers would then transfer the target’s phone number to the new SIM card. By resetting a Gmail password or other vital key, the scammer was able to lock out the victim and take control of crypto accounts, bank accounts, investment accounts, social media accounts, email accounts and accounts linked to Amazon, eBay, Netflix and Hulu, among others.
SIM swapping is an increasingly popular technique among hackers. It can work with or without two-factor authentication (2FA) enabled on a cell phone, decimating an important layer of protection that is frequently used by people in the crypto community.
“I looked at my phone and it was dead,” an unnamed entrepreneur at Consensus told Motherboard. The entrepreneur was scammed out of $1.5 million in crypto, according to the report, that was hijacked from his phone.
Ortiz is also accused of stealing passwords to social media accounts. According to the report, he would sell valuable Instagram and Twitter accounts that he hijacked by using a website called OGUsers, an online marketplace for virtual goods. Investigators also found that he used YouTube to upload videos on “zero-day exploits” and social media account highjacking.
Coinbase, Bittrex and Binance are cooperating with investigators to trace Ortiz’s footsteps. Apparently he traded roughly $1 million in crypto on the exchanges. Roughly $250,000 has been seized so far. The remaining amount has yet to be tracked.
According to the complaint, Ortiz is facing 13 counts of hacking, 13 counts of identity theft and two counts of grand theft. His bail has been set at $1 million.
Log into your AT&T account, go to “View Profile” and then navigate to “Sign-in Info”.
Search for “Wireless Passcode” and select “Manage Extra Security” to add a PIN.
Reset your PIN at VZW.com/PIN. You can also reset your PIN by calling 1-800-922-0204 or by visiting a Verizon store.
Update your Sprint PIN, which is already required. Log in and select “My Sprint” > “Profile” > “Security.” To update your PIN, scroll down to “Security Information”.
You’ll need to create a six-digit passcode by dialing 611 from your cell phone or by calling 1-800-937-8997.