A cyber fraud ring operating across multiple states was detected by US law enforcement in February 2018, after the mother of one of the perpetrators overheard him masquerading as an AT&T employee in a phone conversation. The woman called the police and officers found a number of cell phones and SIM cards, as well as “an extensive list of names and phone numbers of people from around the world” on his computer, writes security researcher Brian Krebs.
The same person was later found to be in the possession of 45 SIM cards and a Trezor Wallet used for cryptocurrency account data. After searching his home again, police found more SIM cards and driver’s licenses and passports.
On the other side of the country, Florida police has arrested 25-year-old Ricky Joseph Handschumacher on money laundering and grand theft charges. The man is allegedly part of the aforementioned SIM hijacking group, which includes nine more members, who cloned phones to steal cryptocurrency. Police say that for the past two years, the group has been emptying bank accounts through the common mobile phone SIM swap scam, technique that seems to be getting popular in the US.
“Search warrants revealed that in mid-May 2018 the group worked in tandem to steal 57 bitcoins from one victim — then valued at almost $470,000 — and agreed to divide the spoils among members,” writes Krebs.
“Handschumacher and another co-conspirator talk about compromising the CEO of Gemini and posted his name, date of birth, Skype username and email address into the conversation,” reads the complaint issued by the Pasco County Sheriff’s office. “Handschumacher and the co-conspirators discuss compromising the CEO’s Skype account and T-Mobile account. The co-conspirator states he will call his ‘guy’ at T-Mobile to ask about the CEO’s account.”