SIM swapper gets 8 years in prison for account hacks, crypto theft

Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft. Golshan pleaded guilty on July 19, 2023, for hijacking the Instagram account of a prominent social media influencer. He also confessed to carrying out a series of schemes from April 2019 to February 2023. "From at least April 2019 to February 2023, Golshan knowingly executed multiple online schemes to defraud hundreds of victims through various online scams and unauthorized intrusions into victims' digital accounts, including social media account takeovers, Zelle payment fraud, and impersonating Apple support," reads the U.S. Department of Justice announcement. "In total, Golshan's entire scheme caused approximately $740,000 in losses to hundreds of victims over several years." Golshan attempted to hide his identity by using VPN tools and multiple account names. Over time, he reportedly honed his craft to orchestrate increasingly more sophisticated online crimes. Through social engineering, Golshan convinced carriers, including T-Mobile, to transfer cell phone numbers from legitimate subscribers to his SIM cards. This allowed him to bypass SMS-based two-factor authentication and hijack social media accounts. In one high-profile case from December 2021, he hijacked the Instagram account of a Los Angeles-based model through SIM swapping after contacting her from a hijacked friend's account. Next, he abused his access to the account by using it to message many of her friends, asking them to send money to Zelle and PayPal accounts he controlled. Golshan extorted the model for $2,000, threatening to delete the social media account he had hijacked. In other cases, Golshan advertised Instagram verification services, duping victims into sending him payments ranging from $300 to $500 in exchange for a verification badge on their accounts. Through the above schemes, it is estimated that Golshan made $82,000 from roughly 500 victims. Later, in August 2022, the prolific scammer posed as Apple Support personnel to gain unauthorized access to Apple iCloud accounts. He deceived victims into believing he would enhance their account security, tricking them into sharing their six-digit security code, enabling the scammer to bypass existing protections. By accessing other people's iCloud storage, Golshan was able to steal digital assets, including $319,000 worth of NFTs and $70,000 worth of cryptocurrency. The scammer resold these assets on an NFT marketplace within 24 hours for $130,000. To defend against SIM swapping attacks, activate number porting security on your carrier, use a physical security key or authenticator app instead of SMS, and limit the sensitive information you share online. The Federal Communications Commission has recently adopted new rules to protect consumers from SIM-swapping attacks, making fraudulent number transfers harder. Kansas courts confirm data theft, ransom demand after cyberattack. FCC adopts new rules to protect consumers from SIM-swapping attacks. FBI shares tactics of notorious Scattered Spider hacker collective. Fraudsters make $50,000 a day by spoofing crypto researchers. IPStorm botnet with 23,000 proxies for malicious traffic dismantled.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 20:24:55 +0000


Cyber News related to SIM swapper gets 8 years in prison for account hacks, crypto theft

CVE-2024-50098 - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEV_QUIESCE was set for all LU's ...
2 weeks ago Tenable.com
SIM swapper gets 8 years in prison for account hacks, crypto theft - Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency ...
11 months ago Bleepingcomputer.com
Cloud engineer gets 2 years for wiping ex-employer's code repos - Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company. First Republic Bank was a commercial bank ...
11 months ago Bleepingcomputer.com
FCC adopts new rules to protect consumers from SIM-swapping attacks - The Federal Communications Commission has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC's Privacy and Data Protection Task Force introduced the new regulations in ...
11 months ago Bleepingcomputer.com
31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
10 months ago Pandasecurity.com
SEC confirms X account was hacked in SIM swapping attack - The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Earlier this month, the SEC's X account was hacked to issue a fake ...
9 months ago Bleepingcomputer.com
Store manager admits SIM swapping his customers - A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target's cell phone number and re-routing it to a phone ...
8 months ago Malwarebytes.com
T-Mobile, Verizon workers get texts offering $300 for SIM swaps - Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps. The targeted employees have shared screenshots of messages offering $300 to those willing to aid the ...
7 months ago Bleepingcomputer.com
FCC Warns Carriers to Protect Customers Against SIM Swaps - A month after issuing new rules to push back against SIM-swap and similar schemes, the Federal Communications Commission is warning mobile phone service providers of their obligations to protect consumers against the growing threat. SIM swapping - ...
11 months ago Securityboulevard.com
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
11 months ago Darkreading.com
eSIM Vulnerabilities: SIM Swappers Exploit Flaws, Hijack Phone Numbers - According to a new report, SIM-swapping crimes are rising worldwide, mainly committed by eSIM users. eSIMs are digitally stored SIM cards that are embedded using software into devices. As a result, hackers are now attempting to exploit ...
8 months ago Cysecurity.news
US court docs expose fake antivirus renewal phishing tactics - In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. The now-executed seizure warrant was submitted by Special Agent Jollif of the United States ...
10 months ago Bleepingcomputer.com
Former IT manager pleads guilty to attacking high school network - Conor LaHiff, a former IT manager for a New Jersey public high school, has admitted to committing a cyberattack against his former employer following the termination of his employment in June 2023. Last week, the U.S. Department of Justice announced ...
11 months ago Bleepingcomputer.com
The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
9 months ago Hackread.com
- In the contemporary landscape dominated by digital interconnectedness, the escalating menace of cybercrime has assumed unprecedented proportions. The latest threat on the horizon is the insidious 'SIM Swap' scam, an advanced scheme exploiting ...
10 months ago Cysecurity.news
Former telecom manager admits to doing SIM swaps for $1,000 - A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. SIM swapping is an unauthorized porting of ...
8 months ago Bleepingcomputer.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
11 months ago Bleepingcomputer.com
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
10 months ago Bleepingcomputer.com
Google Fi Data Breach Reportedly Led to SIM Swapping - The Google Fi telecommunications service has informed customers about a data breach that appears to be related to the recently disclosed T-Mobile cyberattack. Google Fi, which provides wireless phone and internet services, has told customers that the ...
1 year ago Securityweek.com
Bloomberg Crypto X account snafu leads to Discord phishing attack - The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. As first spotted by crypto fraud investigator ZachXBT, the profile contained a link ...
11 months ago Bleepingcomputer.com
Google Removes Foreign eSIM Apps Airola and Holafly from PlayStore - Google has removed Airola and Holafly from its PlayStore for Indian users due to their sale of international SIM cards without the necessary authorizations. The decision came from the department of telecommunications, which also contacted internet ...
10 months ago Cysecurity.news
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
10 months ago Bleepingcomputer.com
Unmasking Identity Theft: Detection and Mitigation Strategies - In an increasingly digital world, the threat of identity theft looms large, making it imperative for individuals to be proactive in detecting potential breaches and implementing effective mitigation measures. This article delves into key strategies ...
10 months ago Cybersecurity-insiders.com
Extradition of Alleged Member of ShinyHunters Cybercrime Group to US - An alleged member of the ShinyHunters cybercrime gang, Sebastien Raoult, has been extradited from Morocco to the United States. The 22-year-old French national was arrested at Rabat international airport in Morocco on May 31, 2022, while attempting ...
1 year ago Securityaffairs.com
Arrests in $400M SIM-Swap Tied to Heist at FTX? - Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct ...
9 months ago Krebsonsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)