Technology
First hacker convicted for SIM swapping gets 10 years in prison
A college student is facing 10 years in prison for stealing millions in cryptocurrency using a method called “SIM swapping.”
According to , 20-year-old Joel Ortiz of Boston accepted a plea deal for stealing more than $5 million in cryptocurrency from around 40 victims. Ortiz plead guilty to and was sentenced to 10 years in prison as part of his plea deal.
Ortiz was able to steal the cryptocurrency through a hacking method known as SIM swapping. Krebs on Security has reported on of SIM swapping throughout the past few months.
Over the last year, a number of brazen SIM hijackers have been arrested, such as 21-year old who allegedly stole a million dollars in cryptocurrency. However, authorities say Ortiz is the first person to be convicted of a crime involving SIM swapping.
SIM swapping is a technique that mainly involves the social engineering of a target’s mobile phone provider. Using personal information obtained on their target, a hacker will attempt to convince the target’s mobile phone provider to port their phone number over to a SIM card belonging to the hacker.
Once the swap occurs, the hacker has essentially hijacked their target’s mobile phone number. One-time passwords, verification codes, and two-factor authorization that goes through a user’s mobile device via phone call or text message gets sent to the hacker.
Email, bank, and cryptocurrency accounts have often been the targets of SIM swapping. Social media accounts have also see a rise in hijacking through this method. Over the past few months, there’s been a significant uptick in high-profile stolen through methods like SIM swapping.
Two-factor authorization has especially been upended by the practice of SIM card hijacking. Many forms of require a user to send an SMS message to their mobile devices when signing in to an account along with their password. The process was often sold as a must-enable security protocol which would eliminate most forms of hacking. SIM swapping has caused many security experts to re-strategize when it comes to authentication methods involving text messages.
The long-held assumption was that hackers may be able to guess your password, but they can’t remotely steal your physical mobile device too. Hackers proved that line of thinking wrong by showcasing how they don’t need to steal the actual device — just the mobile number will do.
-
Entertainment6 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment5 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment6 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment5 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment4 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
-
Entertainment3 days ago
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
-
Entertainment4 days ago
CES 2025 preview: What to expect
-
Entertainment3 days ago
Mars is littered with junk. Historians want to save it.