California police have arrested a college student accused of hijacking cell phone numbers on July 12, 2018. Court documents obtained by motherboard indicate theft of more than five million dollars in Bitcoin and other cryptocurrency. 20 years old Joel Ortiz and his accomplices allegedly hacked the sim cards of over forty people and tricked them into either sending cryptocurrencies or draining their wallets of digital currencies.

What is sim swapping or sim jacking?

Sim swapping or hijacking involves deceiving sim card providers into transferring your number into a different sim card. This sim card is owned by the perpetrators. Hackers call customer support and use social engineering to trick them into believing that it is really you who has called. The hackers may provide some of your personal information such as your home address for verification. Once your number has been transferred into the sim card owned by the hacker, you lose access to it. The hacker can now access all your accounts linked to that number.

A Binance user was the victim of a sim swap when his email and social media accounts were hacked by a random attacker. Reddit user BeanThe5th posted a plea in the r/cryptocurrency subreddit. He mentioned that his account had been compromised and hackers had already withdrawn two Bitcoin. Binance has a daily withdrawal limit of two Bitcoins and hence the attackers could only withdraw a limited amount of digital currencies. The reddit post received help and attention from cryptocurrency community and Binance responded by freezing the account to limit damage.

Details of the Hacks

OGUSERS is a website designed for the trading of valuable Twitter or Instagram accounts. It is frequently used by sim swapping hackers to sell stolen accounts. Joel Ortiz was a member of OGUSERS. The primary targets of Ortiz and his group were people involved in blockchain and cryptocurrency. They stole their victims cryptocurrency and also their social media accounts in order to sell them for Bitcoin or other cryptocurrencies.

Events that led to his arrest

An investor who is involved in blockchain projects informed the police about his cell phone number being stolen twice by hackers. Ortiz allegedly also harassed other family members of the investor. AT&T provided call records for that number after they were issued a warrant. This data led to two Samsung Android phones, which were determined to be the devices employed by the hackers. Google was then served a warrant and the accounts linked to those phones were obtained. These accounts had incriminating evidence against Ortiz. Cryptocurrency exchanges used by Ortiz, namely Coinbase, Bittrex and Binance, were also served warrants. The data provided by them showed movement of over one million dollars worth of cryptocurrency. Ortiz was arrested while on his way to Europe and now faces charges in court of law.

Image provided by Pixabay.