Turkish police has arrested 11 individuals on suspicion of hacking cryptocurrencies through Sim Swapping.
The individuals in question allegedly tricked phone providers into transferring the victim’s phone number to them.
Apparently fake IDs were prepared for this operation, according to local crypto media, with the thieves pretending the victim’s phone was stolen. They then managed to persuade phone providers to send them a new sim with the victim’s phone number. The real owner’s sim card was canceled.
The victim’s phone number was then used to reset the password through two factor authentication (2FA) password resets.
They managed to steal circa $80,000 worth of crypto through this method, but the police was able to catch them after victims complained.
According to another report, they were caught based on the IP addresses used at the crypto exchanges in question.
Their attempts to obfuscate funds was thus futile, with authorities raiding their premises where a gun was apparently found as well as 18 mobile phones, 20 flash memory drives, 5 laptops, 3 disks, 2 fake driver’s licenses and many fake IDs and cards.
Ten of the individuals in question, who have not yet been named by local media, are being detained in custody. Another one has been released on bail.
Making this an interesting case because the operation appears to be very sophisticated, yet they were apparently not smart enough to use a VPS or other IP obfuscating methods.
How exactly they were caught, however, isn’t very clear yet as Istanbul’s Cybercrime Division would have had many tools at their disposal.
Props to them for a job well done if the court does find them guilty, not least because the amounts involved seem relatively small.
So suggesting police detectives have now smartened up quite a lot, gaining the expertise and the general knowledge needed to lock up crypto thieves.
The ease with which these thieves were able to gain access to someone else’s phone number, however, is highly concerning. Raising basic questions such as why are claimed lost sim replacements being send to addresses not on record.