What Is SIM-Swapping? Hackers Allegedly Stole $100m in Cryptocurrency From Celebrities

Eight men suspected of stealing over $100 million worth of cryptocurrencies from internet influencers, sport stars and musicians were arrested on Tuesday following a year-long investigation by multiple policing authorities.

The cybercriminal gang was dismantled this week after members targeted "thousands" of victims in the U.S. last year via "SIM-swapping" attacks, which are used to infiltrate mobile apps or online accounts by abusing a smartphone's phone number.

The European law enforcement agency Europol said a probe was launched last spring and uncovered a network of around a dozen coordinated criminals.

In a "SIM-swap" scheme, criminals can intercept sensitive information by taking over a victim's phone number associated with their device's SIM card. They deactivate the SIM card and port its number to a new one controlled by a member of the gang.

Experts say the swapping process is often done by a hacker impersonating the owner and contacting the phone service provider to request the change. It is also aided by phishing attacks to obtain personal information, or corrupt insiders.

Broadly, after gaining control over the number, hackers can change passwords of apps and be sent codes needed to reset account credentials. After changing the codes, the criminals have access to online banking, email and social media profiles.

"This enabled them to steal money, cryptocurrencies and personal information, including contacts synced with online accounts. They also hijacked social media accounts to post content and send messages masquerading as the victim," Europol said.

The identities of the victims were not released. Europol said additional members of the gang were recently detained in Malta and Belgium. The policing agency urged anyone concerned about the hack not to link their phone number to online accounts.

The National Crime Agency (NCA), which led the U.K.-side investigation into the attacks, said the arrested men were aged between 18 and 26 and had been detained in England and Scotland. Like Europol, it did not reveal the identities of suspects or victims.

Paul Creffield, head of operations in the NCA's National Cyber Crime Unit, said: "Sim swapping requires significant organization by a network of cyber criminals, who each commit various types of criminality to achieve the desired outcome.

"This network targeted a number of victims in the U.S. and regularly attacked those they believed would be lucrative targets, such as famous sports stars and musicians.

"In this case, those arrested face prosecution for offences under the Computer Misuse Act, as well as fraud and money laundering as well as extradition to the USA for prosecution. As well as causing a lot of distress and disruption, we know they stole large sums from their victims, from either their bank accounts or bitcoin wallets."

SIM-swap attacks have existed for years, with one of the most notable incidents taking place in 2019 when Twitter CEO Jack Dorsey's profile was successfully compromised to send a series of racial slurs and anti-Semitic messages, The Verge reported.

The hackers were seemingly able to get a phone provider to transfer Dorsey's number to a device they controlled, before posting via a Twitter text-to-tweet service.

Twitter explained: "The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number."

Cell phone sim cards
A picture taken on Februrary 27 ,2015 in Lille, northern France, shows cellphone SIM cards. PHILIPPE HUGUEN/AFP/Getty