Hacker Pleads Guilty to SIM Swapping Attacks, Cryptocurrency Theft

A Rockport, Massachusetts, man has pleaded guilty over his role in a scheme targeting people who had high-value social media accounts or who were believed to have large amounts of cryptocurrency.

The man, Declan Harrington, 21, together with co-conspirator Eric Meiggs and others, targeted people who were believed to have significant amounts of cryptocurrency or high-value social media accounts, also referred to as OG (Original Gangster) accounts, through a method called SIM swapping.

Through this technique, attackers impersonate their intended victims in conversations with their phone services providers to trick operators into transferring the victims’ phone numbers to SIM cards in the attackers’ possession.

Being in control of the SIM card, the attackers then attempt to hijack the victim’s online accounts by initiating password change procedures and requesting validation codes or other authentication codes to be sent to the phone numbers the attackers now control.

Harrington, Meiggs, and co-conspirators targeted at least 10 victims in the United States to steal or attempt to steal over $530,000 in cryptocurrency.

Meiggs, who pleaded guilty on April 28, took control of two victims’ OG accounts on social media platforms. He is scheduled for sentencing on May 24, 2022.

Harrington pleaded guilty to one count of conspiracy, one count of computer fraud and abuse, five counts of wire fraud, and one count of aggravated identity theft. He could be sentenced to up to 20 years in prison and ordered to pay a fine of up to $250,000 for the charges of wire fraud.

Related: 21-Year-Old Woman Pleads Guilty to Sending Phishing Emails to Political Candidates

Related: Estonian Botnet Operator Pleads Guilty in U.S. Court

Related: Hacker Who Sold UPMC Employee Information Pleads Guilty