Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hacker Pleads Guilty to SIM Swapping Attacks, Cryptocurrency Theft

A Rockport, Massachusetts, man has pleaded guilty over his role in a scheme targeting people who had high-value social media accounts or who were believed to have large amounts of cryptocurrency.

A Rockport, Massachusetts, man has pleaded guilty over his role in a scheme targeting people who had high-value social media accounts or who were believed to have large amounts of cryptocurrency.

The man, Declan Harrington, 21, together with co-conspirator Eric Meiggs and others, targeted people who were believed to have significant amounts of cryptocurrency or high-value social media accounts, also referred to as OG (Original Gangster) accounts, through a method called SIM swapping.

Through this technique, attackers impersonate their intended victims in conversations with their phone services providers to trick operators into transferring the victims’ phone numbers to SIM cards in the attackers’ possession.

Being in control of the SIM card, the attackers then attempt to hijack the victim’s online accounts by initiating password change procedures and requesting validation codes or other authentication codes to be sent to the phone numbers the attackers now control.

Harrington, Meiggs, and co-conspirators targeted at least 10 victims in the United States to steal or attempt to steal over $530,000 in cryptocurrency.

Meiggs, who pleaded guilty on April 28, took control of two victims’ OG accounts on social media platforms. He is scheduled for sentencing on May 24, 2022.

Harrington pleaded guilty to one count of conspiracy, one count of computer fraud and abuse, five counts of wire fraud, and one count of aggravated identity theft. He could be sentenced to up to 20 years in prison and ordered to pay a fine of up to $250,000 for the charges of wire fraud.

Related: 21-Year-Old Woman Pleads Guilty to Sending Phishing Emails to Political Candidates

Related: Estonian Botnet Operator Pleads Guilty in U.S. Court

Related: Hacker Who Sold UPMC Employee Information Pleads Guilty

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.