Stealing crypto through hijacked SIM cards is firmly on the radar of the U.S. REACT Task Force.
U.S. law enforcement consider so-called “SIM swapping” one of its “highest priorities” in a bid to fight cryptocurrency fraud, security news and investigation blog KrebsonSecurity reported Nov. 7.
Speaking to the publication, Samy Tarazi, a police sergeant in Santa Barbara and a supervisor of the REACT Task Force — a group dedicated to fighting cybercrime — said the number of instances of the crime had increased dramatically.
“For the amounts being stolen and the number of people being successful at taking it, the numbers are probably historic,” he said.
SIM swapping refers to the act of remotely hijacking the SIM card in a mobile device — for example by gaining access to an operator’s customer database as in one high-profile example involving millions of dollars — and using the resulting control over the device to gain access to poorly-protected private data.
The data proving most valuable to SIM swappers is cryptocurrency login details and wallet passwords, resulting in huge amounts of money disappearing, Tarazi says, continuing:
“If someone gets robbed of $100,000 that’s a huge case, but we’re now dealing with someone who buys a 99 cent SIM card off eBay, plugs it into a cheap burner phone, makes a call and steals millions of dollars. That’s pretty remarkable.”
REACT, which stands for Regional Enforcement Allied Computer Team, is based in Santa Barbara and continues to try to bring the increasingly active phenomenon under control.
So much so, Tarazi added, that SIM swapping is currently the squad’s major focus.
“It’s probably REACT’s highest priority at the moment, given that SIM swapping is actively happening to someone probably even as we speak right now,” he warned, adding:
“It’s also because there are a lot of victims in our immediate jurisdiction.”