Site icon TheDailyCheck.net

Two SIM swappers phished a phone company so they could steal $16K in crypto

Twenty-year-old Kyell Bryan of Pennsylvania has pleaded guilty to aggravated identity theft for a SIM swapping and cryptocurrency theft scheme, according to the United States Attorney’s Office of the District of Maryland.

According to the initial indictment statement, in June 2019, Bryan, who was 19, conspired with Jordan K. Milleson, then 21, and others. The group engaged in phishing and vishing (voice phishing) to trick employees at an unnamed wireless operator into coughing up their login credentials.

As Brian Krebs reported when Bryan and Milleson were indicted, they were active participants of the OGUsers trading forum, which has spawned similar phishing attacks against Twitter and others, usually with the intent of stealing and trading social media handles. Leaked messages from OGUsers reveal that in 2019, Bryan asked another member for help crafting a site that would look like T-Mobile’s employee login page.

They used those credentials to conduct unauthorized SIM swaps, redirecting their target’s phone number to bypass the two-factor authentication process that is supposed to protect accounts. SIM swapping attacks are why AT&T faced a now-dismissed lawsuit alleging negligence for failing to stop them in 2018, and the method opened up a way to temporarily hijack Twitter CEO Jack Dorsey’s handle in 2019.

According to the prosecutors, after performing the swap, Bryan instructed Milleson to transfer cryptocurrency valued at $16,847.47 out of the victim’s account.

The scheming partnership turned into a mission to find Milleson’s true identity when Bryan and other accomplices suspected Milleson cheated them out of their share. After finding out his aliases and personal information from another co-conspirator, Bryan attempted to “swat” him at his home.

Bryan called the Baltimore County Police claiming he was at Milleson’s home address with a handgun, saying he’d shot his father and threatening to shoot himself. In the call, he threatened to shoot if confronted by police, attempting to set up the kind of dangerous encounter that has already killed some swatting victims.

BCPD didn’t find a gunman at the house, but officers spoke to Milleson’s relative, who told them about a phone call made earlier claiming that Milleson stole $20,000.

Milleson was sentenced to two years in federal prison and ordered to pay restitution of $34,329.01 in May.

Bryan is set to be sentenced in January 2022 and faces two years in federal prison following one year of supervised release. As part of his plea agreement, Bryan will be ordered to pay $16,847.47 in restitution.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@thedailycheck.net The content will be deleted within 24 hours.
Exit mobile version