Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

SIM Swapper Who Stole $20 Million Sentenced to Prison

Nicholas Truglia, of Florida, was sentenced to 18 months in prison last week for stealing more than $20 million in a SIM swapping scheme.

According to the indictment, in January 2018, Truglia, now aged 25, participated in a scheme to hack into online accounts in an effort to steal cryptocurrency. He pleaded guilty in late 2021.

Nicholas Truglia, of Florida, was sentenced to 18 months in prison last week for stealing more than $20 million in a SIM swapping scheme.

According to the indictment, in January 2018, Truglia, now aged 25, participated in a scheme to hack into online accounts in an effort to steal cryptocurrency. He pleaded guilty in late 2021.

The defendant and other participants to the scheme used SIM swapping to gain unauthorized access to a victim’s accounts, the US Department of Justice announced.

The attackers tricked the victim’s mobile carrier into transferring the victim’s phone number to a SIM in the attackers’ control, which allowed them to reset the passwords for the targeted online accounts.

According to the indictment, one of the compromised accounts contained over $20 million worth of cryptocurrency, which the attackers transferred to accounts owned by Truglia, where the amount was converted to Bitcoin.

The funds were then transferred to other accounts owned by the scheme participants. The defendant kept roughly $673,000 worth of the stolen funds.

The victim is cryptocurrency investor Michael Terpin, who filed a complaint claiming that three million tokens worth $23.8 million had been stolen from his phone in 2018. Terpin won a $75 million civil case against Truglia in 2019. After the incident, Terpin also sued AT&T for failing to prevent the hack, but a court threw out a $200 million damages claim in 2020.

Truglia has now been sentenced to 18 months in prison and three years of supervised release, and was ordered the restitution of more than $20 million. He was also ordered to forfeit nearly $1 million.

The DoJ announced Truglia’s sentencing on Thursday, the same day that the Spanish police announced the dismantling of a SIM swapping gang and the arrest of 55 individuals suspected of stealing over $263,000 from more than 100 victims.

Working in four interconnected action cells, the suspects engaged in social engineering, phishing, vishing, carding, and call forwarding techniques to conduct scams. For SIM swapping, the gang relied mainly on vishing, the Spanish police says.

Related: Spanish Authorities Dismantle SIM Swapping Gang

Related: FBI Received 1,600 SIM Swapping Complaints in 2021

Related: Hacker Pleads Guilty to SIM Swapping Attacks, Cryptocurrency Theft

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...