By CCN.com: A 21-year-old Boston man has been sentenced to 10 years in jail for stealing $7.5 million in bitcoin and other cryptocurrencies by hacking his victims’ cell phones through a practice called “SIM swapping.”
This is the first-ever arrest and conviction in the United States for a SIM swap scam. That’s when the perpetrator clones his victims’ SIM cards in order to hack into their smartphones to gain access to their online accounts.
Millions Stolen During CoinDesk Conference
Joel Ortiz, 21, a UMass Boston student and his henchmen specifically targeted people in the cryptocurrency industry (which is ironic, since many people think crypto folks are scam artists).
In May 2018, Ortiz stole millions by hacking several people’s smartphones at Consensus, an industry conference hosted by crypto news website CoinDesk.
SIM Hijackers Steal Over $5 Million in Bitcoin in First Reported Crime of its Kind https://t.co/ZUR8fZK6EN
— CCN.com (@CCNMarkets) August 1, 2018
In total, Ortiz stole more than $7.5 million from at least 40 victims, the Santa Clara District Attorney’s Office announced in a statement.
“Ortiz was a prolific SIM swapper who targeted victims to steal cryptocurrency and to take over social media accounts with the goal of selling them for Bitcoin.”
“After his thefts, Ortiz spent his loot lavishly – including $10,000 nights at Los Angeles clubs, hiring a helicopter to bring him and some friends to a music festival, and on Gucci luggage and clothing.”
Joel Ortiz Pleaded No Contest to 10 Felonies
On April 19, Ortiz was sentenced to a decade in prison by Santa Clara County Judge Edward Lee after pleading no contest to 10 felony theft charges.
Judge Lee decided on his sentence after hearing several victims’ heartbreaking stories about how their lives were destroyed after Ortiz stole all money.
The Santa Clara District Attorney’s Office explained a common way that SIM swapping occurs:
“Hackers call a telecom company posing as their target and claim that their SIM card has been lost, and that they would like their number to be ported to a new card. The criminals can convince phone companies that they are who they claim to be by providing stolen Social Security numbers or addresses.”
“Once the telecom company transfers the number to a new SIM card, hackers can bypass two-step authentication measures for accounts by using the phone as a recovery method.”
Victim: Cell Phone Companies Are Not Doing Enough
In January 2019, several victims — including tech entrepreneur Robert Ross — launched an initiative called Stop SIM Crime to raise awareness of this growing phenomenon.
Ortiz stole more than $1 million from Ross after taking control of his cell phone and gaining access to his accounts on crypto exchanges. Ross says he never even heard of “SIM swapping” until he lost most of his bitcoin savings as a victim of the scheme.
Ross is now pressuring cell phone providers to offer better resources to help victims and to educate them about prevention.
“This is a major problem that’s growing fast. I really believe this is being enabled by the carriers.”