Ten Hackers Arrested For String Of Sim-Swapping Attacks
24th Feb 2021 In News By Jack Francis

On the 9th of February this year, an international investigation resulted in 8 cybercriminals being arrested, these arrests followed an earlier one in Malta and another in Belgium of members of the same organization. The hackers stole upwards of $10 million in cryptocurrency by orchestrating a string of sim swapping attacks on high profile victims across the US.

The attacks were carried out throughout 2020 against famous influencers, sports stars, musicians and their families. The arrests followed a year-long investigation conducted by law enforcement agencies from the UK, USA, Belgium, Malta, and Canada with activity coordinated by Europol.

The group first gained attention in the spring of 2020 when an investigation discovered an undercover network of a dozen cybercriminals working together to access victims phone numbers to gain control of their apps or accounts by changing the passwords. This enabled them to steal money, cryptocurrency and personal information. They even hijacked victims social media accounts and posted and sent messages on the victims' behalf. This type of fraud is known as sim swapping and was identified as a key trend in the most recent Europol Internet Organised Crime Threat Assessment and is typically achieved by the criminals exploiting phone service providers to perform the swap on their behalf with a corrupt insider or with social engineering techniques.

How can you avoid being the next victim?

It's not only celebrities that can be targeted, anyone with a mobile is a potential victim. Here are a few tips to help you stay one step ahead of the criminals after your information:

  • Ensure your device's software is up to date.
  • Never reply to suspicious emails or engage with callers requesting personal information.
  • Limit the amount of personal data you share online.
  • Use multi-factor authentication for your online services.
  • When possible don't associate your phone number with sensitive online accounts.