"Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims"

Recently many alleged SIM-swapping cybercriminals have been arrested across Europe by law-enforcement after the crooks finagled more than $100 million from U.S. victims.  The attacks orchestrated by this criminal gang targeted thousands of victims throughout 2020, including famous internet influencers, sports stars, musicians, and their families.  In a typical SIM-swapping attack, attackers use stolen, sleuthed, or phished personal information including, a person’s mobile phone number, to impersonate a target. The adversaries then contact the victim’s mobile carrier and ask to port the line to a different SIM card/device controlled by the attackers. This makes all incoming calls and texts re-routed to the fraudsters.  SIM-swapping attacks allow crooks to bypass SMS-based two-factor authentication (2FA). From there, it’s easy to use the previously phished information to gain access to and take over online/mobile banking or other high-value accounts. In this latest case, a network of criminals worked together to access the victims’ phone numbers and control apps or accounts by changing the passwords.  The adversaries stole money, cryptocurrencies, and personal information, including contacts synced with online accounts.  The adversaries also hijacked social-media accounts to post content and send messages masquerading as the victim.

Threatpost reports: "Celeb SIM-Swap Crime Ring Stole $100M from U.S. Victims"