The cops are starting to close in on hackers who hijack phone numbers to steal Bitcoin and other cryptocurrencies.
On July 12, police in California arrested a college student accused of being part of a group of criminals who hacked dozens of cellphone numbers to steal more than $5 million in cryptocurrency. Joel Ortiz, a 20-year-old from Boston, allegedly hacked around 40 victims with the help of still unnamed accomplices, according to court documents obtained by Motherboard.
This is the first reported case against someone who allegedly used the increasingly popular technique known as SIM swapping or SIM hijacking to steal Bitcoin, other cryptocurrencies, and social media accounts. Ortiz and his associates specifically targeted people involved in the world of cryptocurrency and blockchain, allegedly hacking several people during the high-profile Consensus conference in New York City in May.
SIM swapping consists of tricking a provider like AT&T or T-Mobile into transferring the target’s phone number to a SIM card controlled by the criminal. Once they get the phone number, fraudsters can leverage it to reset the victims’ passwords and break into their online accounts (cryptocurrency accounts are common targets.) In some cases, this works even if the accounts are protected by two-factor authentication. This kind of attack, also known as “port out scam,” is relatively easy to pull off and has become widespread, as a recent Motherboard investigation showed.
Read more: How To Protect Yourself From SIM Swapping Hacks
Ortiz was arrested at the Los Angeles International Airport on his way to Europe, according to sources close to the investigation, who said Ortiz was flashing a Gucci bag as part of a recent spending spree they believe was financed by the alleged crimes.
He is facing 28 charges: 13 counts of identity theft, 13 counts of hacking, and two counts of grand theft, according to the complaint filed against him on the day before his arrest.
After being arrested and read his Miranda rights, Ortiz told investigators that he and his “co-conspirators” have access to millions of dollars in cryptocurrency, according to a statement filed in court by the main investigator in the case.
“My fucking SIM got hacked.”
Investigators accuse Ortiz of being a prolific SIM hijacker who mainly targeted victims to steal their cryptocurrency but also to take over their social media accounts with the goal of selling them for Bitcoin. According to the investigators, as well as people in the SIM swapping community, Ortiz was a member of OGUSERS, a website where members trade valuable Instagram or Twitter accounts.
In one of at least three attacks that happened during Consensus, Ortiz allegedly stole more than $1.5 million from a cryptocurrency entrepreneur, including nearly $1 million that he had crowdfunded in an ICO.
“I looked at my phone and it was dead,” the entrepreneur, who asked to remain anonymous for fear of being targeted again, told Motherboard.
He knew what was going on as soon as he lost service, because the day before, a friend at the conference had also gotten hacked.
“We were having a meeting and all of a sudden he says ‘fuck my phone just stopped working,’” the entrepreneur recalled his friend saying. Later in the day, he said his friend texted him: “My fucking SIM got hacked.”
According to court documents, Ortiz took control of the entrepreneur’s cellphone number, reset his Gmail password and then gained access to his cryptocurrency accounts. The entrepreneur ran to the AT&T store to get his number back, but it was too late.
Prosecutors told Motherboard that they still don’t know how or why Ortiz chose his targets in the cryptocurrency world. What they say they know for sure is that there’s a lot of people out there who have been targeted by this scam.
Erin West, the Santa Clara County deputy district attorney, put out a call for more victims to come forward.
“This is happening in our community and unfortunately there are not a lot of complaints to law enforcement about it. We would welcome the opportunity to look into other complaints of this happening,” West told Motherboard in a phone call. “We think that this is something that’s underreported and very dangerous.”
Ortiz’s bail was set to one million dollars. As of this writing, he remains in jail awaiting his plea hearing, set for August 9. Ortiz’s lawyer did not respond to a voicemail left requesting comment.
HOW THE COPS NABBED ORTIZ
According to an investigation report obtained by Motherboard, detectives started looking into the case when one victim, an investor involved in blockchain projects, told police that hackers stole his cellphone number.
Ortiz allegedly targeted the investor between February and March on several occasions. He hijacked his phone…