- Two Massachusetts men will spend a total of four years in prison after pleading guilty to stealing approximately $330,000 worth of cryptocurrency
- The piar used sim swapping and other techniques to steal the funds, targeting whales and crypto execs
- The men pleaded guilty to conspiracy, wire fraud, computer fraud and abuse and aggravated identity theft
Two Massachusetts men have been sentenced to two years in prison each for stealing approximately $330,000 worth of cryptocurrency through SIM swapping, among other techniques. The pair were arrested in November 2019 in connection with the theft of over half a million dollars worth of cryptocurrency via hacking, SIM swapping, and manipulation of social media accounts. Eric Meiggs, 21, and Declan Harrington, 20, targeted executives of cryptocurrency companies and others who likely had significant amounts of cryptocurrency, such as Bitcoin OGs, but were stopped before they could really hit the jackpot.
“Extensive Scheme” Carried Out
Meiggs and Harrington conducted what the United States Department of Justice called an “extensive scheme” to illegally obtain cryptocurrency, conspiring to hack into, and then take control over, their victims’ online accounts, allowing them to obtain cryptocurrency and other potentially valuable data, which they allegedly utilised themselves or sold on the dark web.
They utilised SIM swapping and other techniques to carry out their scheme, targeting at least 10 identified victims around the country, many of them being long-time cryptocurrency investors and enthusiasts, or ‘OG’s, with high-profile social media accounts. Meiggs allegedly took control over two such victims’ accounts before the arrest.
According to the indictment, the pair allegedly stole, or attempted to steal, over $550,000 worth of cryptocurrency from these victims alone, as well as attempting to extort the victims’ friends and families in return for the account being returned to the owner.
Complete Security is an Illusion
The details of the indictment make for disturbing reading. The ease with which Meiggs and Harrington were able to port the victims’ phone number to their own is something that should alarm everyone with a cell phone: using just the victim’s email address, they were able to get the victim’s cell phone number ported to Harrington’s phone, from where they were able to control his Google account and Facebook account, searching his email and private messages for cryptocurrency seed phrases or wallet details.
They didn’t manage to obtain any via this method, but it just shows how easily a hacker is able to access such personal details. Clearly the victim did the right thing by not having any sensitive information publicly available, but it also shows that, even with two-factor authentication enabled, there is no such thing as an entirely safe cryptocurrency existence.
Both AT&T and T-Mobile have been hit with SIM swapping attacks in recent months, with AT&T facing a multi-million dollar lawsuit in the matter.