Friday, May 10, 2019


Quick glimpse at a REALLY INTERESTING story with a somewhat local connection regarding the fight for control of your mobile device -- Now a big money game that also attracts suspected criminals. Checkit:

Nine Individuals Connected to a Hacking Group Charged With Online Identity Theft and Other Related Charges

Six individuals connected to a hacking group known to its members as “The Community” were charged in a fifteen count indictment unsealed today with conspiracy to commit wire fraud, wire fraud and aggravated identity theft, announced United States Attorney Matthew Schneider.

(A Warrensburg, Mo., man is among six individuals connected to the group.)

According to the indictment, the defendants are members of “The Community” and are alleged to have participated in thefts of victims’ identities in order to steal cryptocurrency via a method known as “SIM Hijacking”. Cryptocurrencies, also known as virtual currencies or digital currencies, are online media of exchange. The most famous of these is Bitcoin. Like traditional currency, they act as a store of value and can be exchanged for goods and services. They can also be exchanged for dollars.

“SIM Hijacking” or “SIM Swapping” is an identity theft technique that exploits a common cyber-security weakness – mobile phone numbers. This tactic enabled “The Community” to gain control of victims’ mobile phone number, resulting in the victims’ phone calls and short message service (“SMS”) messages being routed to devices controlled by “The Community”. “SIM Hijacking” was often facilitated by bribing an employee of a mobile phone provider. Other times, SIM Hijacking was accomplished by a member of “The Community” contacting a mobile phone provider’s customer service—posing as the victim—and requesting that the victim’s phone number be swapped to a SIM card (and thus a mobile device) controlled by “The Community”.

The indictment alleges that, once “The Community” had control of a victim’s phone number, the phone number was leveraged as a gateway to gain control of online accounts such as a victim’s email, cloud storage, and cryptocurrency exchange accounts. For example, “The Community” would use their control of victims’ phone numbers to reset passwords on online accounts and/or request two-factor authentication (2FA) codes that allowed them to bypass security measures.

The members of “The Community” charged in the indictment endeavored to gain control of victims’ cryptocurrency wallets or online cryptocurrency exchange accounts and steal victims’ funds. It is alleged in the indictment that the defendants executed seven attacks that resulted in the theft of cryptocurrency valued at approximately $2,416,352.

“Mobile phones today are not only a means of communication but also a means of identification,” stated United States Attorney Matthew Schneider. “This case should serve as a reminder to all of us to protect our personal and financial information from those who seek to steal it.”

“The allegations against these defendants are the result of a complex cryptocurrency and identity theft investigation led by Homeland Security Investigations, which spanned two continents,” said Salazar. “Increasingly, criminal groups are turning exclusively to web-based schemes to further their illicit activities, which is why HSI has developed capabilities to meet these threats head on.”

If convicted on the charge of conspiracy to commit wire fraud, each defendant faces a statutory maximum penalty of 20 years in prison. The charges of wire fraud each carry a statutory maximum penalty of 20 years in prison. A conviction of aggravated identity theft in support of wire fraud carries a statutory maximum penalty of 2 years in prison to be served consecutively to any sentence imposed on the underlying count of wire fraud.

The defendants in this case are presumed innocent. Indictments and criminal complaints are merely charges and it is the government’s burden to prove guilty beyond a reasonable doubt.

Developing . . .


Kristina said...

We have a Justice Department mow. Today is day [ 90 ]. Goodbye Rod Rosenstein.

Beware the wiley watchdogs at Fort Meade and the many other EYES ON THE CRIMINAL GALS AND GUYS!!! ! said...

White hats ride, again! With expert fluencies in digital tech and in the world's many spoken languages, cyber sleuths of private and guv entities are stomping bad hackers' butts!