Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Student Charged in Elaborate Digital Money Theft Scheme

LOS ANGELES (AP) — A Massachusetts college student who was named his high school’s valedictorian for his savvy tech skills hacked into unsuspecting investors’ personal cellphones, email and social media accounts to steal at least $2 million in digital currency like Bitcoin, according to documents provided by California prosecutors Wednesday.

LOS ANGELES (AP) — A Massachusetts college student who was named his high school’s valedictorian for his savvy tech skills hacked into unsuspecting investors’ personal cellphones, email and social media accounts to steal at least $2 million in digital currency like Bitcoin, according to documents provided by California prosecutors Wednesday.

Joel Ortiz was taken into custody July 12 at Los Angeles International Airport ahead of a flight to Boston, according to prosecutors. The 20-year-old faces more than two dozen charges including grand theft, identity theft and computer hacking, court documents show. He’s held on $1 million bail.

The Santa Clara County, California, public defender’s office, which is representing Ortiz, declined comment. A number listed for his home in Boston was disconnected.

The elaborate scheme involved taking over victims’ phones, allowing him to reset passwords and access online accounts containing electronic assets in the form of Bitcoin, Coinbase, Bittrex and Binance, the criminal complaint said.

In one case Ortiz allegedly walked into an AT&T store and impersonated a victim in order to get a new SIM card, which gave him control of the victim’s phone. He obtained access to the victim’s “financial and personal identifying information, tax returns, private passwords” and siphoned $10,000 from a cryptocurrency account, according to police report.

In several instances Ortiz allegedly impersonated victims over text messages and convinced friends and family members to “loan” him digital funds, court documents said.

At one point Ortiz allegedly stole $10,000 from a California resident, and then tried to get more, calling the victim’s wife and sending a text to the victim’s daughter that said “TELL YOUR DAD TO GIVE US BITCOIN,” the documents said.

Court documents identify more than 20 victims who live in California, and prosecutors say they know of additional victims outside of the state.

Ortiz enrolled at the University of Massachusetts Boston and studies information technology, said school spokesman DeWayne Lehman.

Ortiz was the 2016 valedictorian of Another Course to College, a small public college preparatory school in Boston, and was honored alongside other top students across the city at a luncheon that year with Democratic Mayor Marty Walsh and other officials at a downtown hotel.

At his school, Ortiz was the lead robot software programmer on its robotics team, taught other students the basics of software coding and “led efforts to teach computer science,” according to a Boston Public Schools’ press release touting the students’ accomplishments.

The school system said Ortiz “loves science and technology,” is fluent in Spanish and speaks conversational Chinese.

Boston Public Schools spokesman Daniel O’Brien declined to comment.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...