An Irish man, part of a hacking group called “The Community,” is facing upwards of 100 years in a US prison after allegedly stealing over $2 million worth of cryptocurrencies in a series of SIM-swap attacks.
Conor Freeman, a 20 year-old Irish man, was named as part of the group and – if found guilty – could be extradited to the US and face over 100 years in prison, the Independent IE reports. Five other individuals were named as being part of The Community in documents from a Michigan, US court last week and face similar charges.
Court documents state the group committed seven SIM-swapping attacks which allowed them to steal $2,416,352 worth of cryptocurrency. What cryptocurrencies were stolen has not been disclosed.
The sextet have been indicted with 15 counts of wire fraud, conspiracy to commit wire fraud, and aggravated identity theft.
Each count of wire fraud carries a maximum sentence of 20 years in prison, as does conspiracy to commit wire fraud. Identity theft in support of wire fraud carries a maximum sentence of two years.
Given the number of indictments against The Community, the group could collectively face well-over 200 years in prison.
An inside job
Three employees of an unnamed mobile phone service provider have also been named in relation to the hacks.
Court documents state that Jarratt White, Robert Jack, and Fendley Joseph accepted bribes to assist The Community in carrying out their attacks.
White, Jack, and Joseph helped the hackers gain access to their victims’ mobile phone numbers using SIM-swapping techniques which reassign a phone number to a new sim card.
“The phone number was leveraged as a gateway to gain control of online accounts such as a victims’ email, cloud storage, and cryptocurrency exchange accounts,” the court documents read.
This allowed hackers to bypass the security measures protecting their victim’s cryptocurrency accounts and carry out the attacks.
SIM-swapping to steal cryptocurrency seems to be a growing trend.
Attackers used the technique to steal over $200,000 worth of cryptocurrency from a professional gamer. In another case, a group of 25 allegedly used SIM-swapping to steal $24 million from Michael Terpin, an early Bitcoin investor.
The threat of SIM-swapping has become such a concern that engineers at Google are looking at ways to protect people from future attacks.
Published May 13, 2019 — 10:04 UTC