Tuesday, July 2, 2024

SIM swapper sent to prison for 2FA cryptocurrency heist of over $20m – Naked Security

A Florida man who was part of a cybercrime gang that went after cryptocurrency wallets has been sentenced for his role in a cyber robbery that allegedly earned the participants over $20,000,000.

The scammers, including 25-year-old Nicholas Truglia, used a well-known trick to take over various online accounts belonging to their victims: SIM swapping, also known as number porting.

Phone number migration

As you may know if you have ever lost your phone or damaged your SIM card, your phone number is not recorded in the phone itself. It lives on the subscriber identification module (SIM), a chip that is inserted into a mobile phone (or, nowadays, installed electronically in the form of a so-called eSIM).

So a scammer who can sweet-talk, bribe, convince with a fake ID, or otherwise threaten your mobile phone provider into issuing a new SIM card to "you" (which means them)…

…can walk out of a cell phone store with [a] your number on their phone, and [b] your SIM card invalidated, so that you cannot connect to the network to receive calls or go online.

Simply put, your phone stops working, and the person at the other end starts receiving your calls and text messages. Specifically, that includes any two-factor authentication (2FA) codes that may be sent to your phone as part of a secure login or password reset.

The problem of SIM swapping (i.e. that the right to reissue replacement SIM cards is granted to too many different people, at too many different seniority levels, at too many carriers, to control them reliably) is the reason the US public service no longer recommends SMS-based 2FA for general use, and disapproves of it for government officials.

bring cryptocurrency

In this case, it appears that someone in the cyber gang got hold of the victim's account login information and shared it with numerous other participants, then had Truglia act as the recipient of the cryptocurrency funds stolen from the victim.

Truglia then paid the stolen funds back out into numerous other cryptocurrency wallets owned by other participants, keeping an unknown cut as his share of the transaction.

The U.S. Department of Justice (DOJ) notes that "[the] participants in the scheme stole more than $20 million of the victims' cryptocurrencies, and the defendants retain at least approximately $673,000 of the stolen funds."

Truglia was sentenced to 18 months in prison, followed by three years of supervised release, immediately forfeited $983,010.72, and was ordered to repay a whopping $20,379,007.

The Department of Justice's report does not say how he will do so without the cooperation of the others involved in the scam, who appear to have split most of the $20 million between them, or what will happen if they cannot be persuaded to cooperate.

What should I do?

  • Limit the amount of cryptocurrency you keep online and directly accessible. A cold wallet, which cannot be accessed remotely, protects you from password and 2FA theft scams in which remote criminals gain direct access to your account.
  • If you haven't already, consider switching away from SMS-based 2FA. A one-time login code sent by text message is better than no 2FA at all, but it definitely has a weakness: scammers who decide to target you can attack your account without attacking you directly, and therefore in a way that you yourself cannot reliably defend against.
  • Use a password manager whenever possible. In this case, it is unknown how the criminals obtained the victim's password, but a password manager at least makes it less likely that you will end up with a password that an attacker can guess, or easily work out from public information such as your dog's name or your child's birthday.
  • Watch out for your phone behaving unexpectedly. After a SIM swap, your phone will not show any carrier connection. If you have friends on the same network who are still online, this suggests that it is probably you who is offline, not the entire network. Contact your phone company for advice. If possible, bring your ID and visit a phone store in person to check whether your account has been compromised.
