Slashdot Mirror
Cops Accuse 20-Year-Old College Student of Stealing More Than $5 Million in Bitcoin by Hijacking Phone Numbers (vice.com)
California authorities say a 20-year-old college student hijacked more than 40 phone numbers to steal $5 million in Bitcoin, including some from cryptocurrency investors at a blockchain conference Consensus. Motherboard, which broke the story citing court documents: This is the first reported case of an alleged hacker who was using SIM swapping (also known as SIM hijacking or Port Out Scam) specifically to target people in the blockchain and cryptocurrency worlds.
Joel Ortiz was arrested at the Los Angeles International Airport on his way to Europe, according to sources close to the investigation, who said Ortiz was flashing a Gucci bag as part of a recent spending spree they believe was financed by the alleged crimes. He is facing 28 charges: 13 counts of identity theft, 13 counts of hacking, and two counts of grand theft, according to the complaint filed against him on the day before his arrest.
Joel Ortiz was arrested at the Los Angeles International Airport on his way to Europe, according to sources close to the investigation, who said Ortiz was flashing a Gucci bag as part of a recent spending spree they believe was financed by the alleged crimes. He is facing 28 charges: 13 counts of identity theft, 13 counts of hacking, and two counts of grand theft, according to the complaint filed against him on the day before his arrest.
No doubt the phone companies whose processes were criminally negligent in allowing a person like this to engineer transfer of the number will also be brought to trial and punished.
Ha ha ha. I crack myself up!
-- John
Is there even a point to stealing that much money? Like, a quarter bitcoin or whatever might be too small-time to be investigated, but stealing $5M? Wouldn't it be trackable to him pretty much the moment he purchased something with that money? (or, at the very least, after the purchase of anything that would need to be shipped to him?) I've never looked at cryptos, so I might be off in my understanding here.
He should have run the scam from abroad and used the money to buy residence in a non-extradition country... In all seriousness: he used his own phone and expected not to be caught?
Two more points:
(1) $1 million bail is more than many murderers get. This shows the priorities of the state -- fortunes of tech squillionaires are worth more than human lives.
(2) The phone companies that apparently make SIMs stupidly easy to port-out should share the blame.
After domain names started to be worth big money, registrars came up with an added protection against people stealing your domain registration. IIRC they call this "Domain Lock, or "Registrar Lock" or something like that. So perhaps cellular service providers need to implement some form of "SIM Lock".
but not clever enough to avoid getting caught.
wouldn't you just be paranoid as all hell if you had done something like this ?
flashing a gucci bag ? wtf ?
Absolute statements are never true
about getting in trouble with the law for stealing a currency used to buy drugs and launder money...
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
and that is why the bitcoin exchanges need to be covered by banking laws. Now much info will they giveup? or will they hide over seas?
ATT sim lock = free limited unlock $5-10/mo full unlock $20/mo
limited unlock is needed to use a non ATT phone. Full unlock needed to use let you use 2th sim in phone or be able to unlock your att phone for other sims.
So basically this two factor authentication all these companies are trying to force on you is pretty much just a scam to get your phone number.
and that is why the bitcoin exchanges need to be covered by banking laws. Now much info will they giveup? or will they hide over seas?
Sure they should... None... Yes.
The issue with any of the crypto is also their strength, they are not centralized and are uncontrollable by law.
So, if you dabble in crypto, it's like trading gold bullion in the wild west. Yea, you can buy *anything* you like with it, but if it gets stolen, it's gone. Smart money doesn't hold crypto online very long or use exchanges except when necessary, but you offline it ASAP. Just like you don't carry more bullion than you need for your trip and hide the rest.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
but when it's being used to buy drugs / hitmen the "banks" can be seen as accessory to crime
The whole thing breaks down into a question of legal jurisdiction fairly quick. The uncentralized nature of crypto means that you can use a "bank" for the transaction that isn't legally part of the jurisdiction of where the crime is committed. So you can get accessary charges or conspiracy charges filed on entities which cannot be forced to appear and stand trial or pay fines. (Just ask Robert Mueller about how this works, most of the charges from that investigation are like this so far.)
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
My housemate, who had land line phone service in his name, moved out. I called up the phone company, and told them I needed to put the phone in my name. They told me that for security reasons my ex housemate had to do that himself. So I asked them, "So, if I hang up and call you right back claiming to be him, you'll put the phone in my name?" There reply was, "Yes." I did, and they did.
I've abandoned my search for truth; now I'm just looking for some useful delusions.
See Subject: APKoin is better than all other cyypto coin guarantee to not loose value
Get APKoin by spreading the word of "LORD of HOSTS" to all conrners of teh internet
Get APKoin by "Kick stomping heart" FAKE name slashdot l[users] who dare defy brilliant APK
Redeemable for ultra premium moose dik you can suck or take in ass
Premium rewards like suk my MEGA MAN PENIS or lick my gaint ballz
APK
P.S.=> The Soros and ROTHSCHILD backed jew bankers want to destroy CRYPTO COIN because it can derail their plans to enslave great american worker. Trump was the first major disruption to they plans APKoins is the next... apk
My case is a little different because it wasn't crypto that they stole/tried to steal. It was actual money, but let me tell you how mine went.
One Saturday, approximately a year ago, I got a text from my carrier (T-Mobile, not that it matters for the purposes of the scam) stating that they were sorry to see me go and that my transaction would be processed on the next business day. Since I was at a BBQ at the time and had no idea what they were talking about, I called them. The customer service rep put me on hold and after a few minute came back and said that they had sent the text to the wrong person and that no changes had been made to my account and everything was ok. So I went about my business for the day, but kept this in the back of my head a something weird.
Fast forward to the following Monday when my cell phone service suddenly cut off "for no apparent reason", so I called T-Mobile, and fired up my personal webmail from here at work in case they needed to send me anything. While I was on the phone with the T-Mobile customer service rep trying to get he mess sorted out, they told me that I requested to have my phone number ported to Verizon Wireless and I told them about my call to them on Sat, which had not been documented, I started getting e-mails that my bank account username had been requested, then the password. I used 2FA for my bank account, but it was only SMS based. I immediately hung up on T-Mobile and called my bank. While I was being transferred to the customer fraud department, I started seeing device changes for the BofA app, which I don't use, and money transfer request e-mails start coming through. Before we could get them "cut off", they managed to transfer out $2,000 from my checking account with another $2,000 in "pending transactions". BofA immediately cancelled the pendings, but it took ten days to get my other $2k back.
After that was taken care of, I called T-Mobile back and explained what had happened. They gave me the number of the Verizon Wireless fraud department because VZW is the carrier that had initiated the port request. I called VZW and found out from them that if you purchase a pre-paid cell pone from them they DO NOT perform any due diligence to make sure that you own the phone number that you are requesting to be ported; they only do that if you are buying a phone on a payment plan. The phone that my number was ported to had been purchased pre-paid. I also found out that the carriers do not do any "due diligence" during a port request from one carrier to another because they are ASSUMING that the carrier that is requesting the port has done so.
I filed reports with both my local police (who could do nothing obviously since the person that committed the crime was in FL) and with the feds. Nothing was ever done about it for whatever reason, although I ended up getting all of my money back, which was good.
The only thing being exploited here are idiot customer service reps at telcos.
but if they use the mail or an wire to send funds to you then that is where they come in.
Let's see another round of "the wave" in a stadium filled with blockchain fanboyz continually screaming it's a technology going to change the world and every bank needs to jump there now!
Oops.....
> Is there even a point to stealing that much money?
I've been working in security and paying attention to the justice system for a long time. I've learned that crooks don't normally get caught the first time; they keep doing it until they get caught.
Stealing $100 or $1,000 or 10,000 isn't enough to change your life, just enough to risk going to jail or prison. To materially change your life, you'd have to steal $1,000 over and over again, until you got caught.
If someone steals $5 million in one weekend and stops, they can retire very comfortably, while having a good chance of not getting caught.
If someone steals $150 million, they can still retire comfortably, except they'll have the FBI and others seriously on their ass, putting significant resources into catching them.
Whether you have $5 million or $150 million you have more than enough money. You never have to work again. The big difference is whether you're one of the smaller cases the FBI has on file or one of the larger cases. I'd rather be at the bottom of the FBI's priority list.
So, if I were a thief, I'd steal about $5 million, quickly, then stop.
What a lamer. Gucci? For real? He should have just gotten a Tumi bag.
That's not even the worst bit, once you get known for a bigger account, well, all they need is you and they have the username and password. Crypto is rapidly becoming the wild wild west, neck deep in crime and becoming quite dangerous. Like who did this idiot steal 5 million dollars from, can they even claim it back from the police because dirty money. The safest place for this idiot is probably prison but their chances of survival after that pretty slim.
Chaos - everything, everywhere, everywhen
Let's say that your real name is "John Smith", with a cellphone listed in that name.
Get a burner phone, under the name of "Jane Doe". Use that number for your bitcoin stuff. That's your "bitcoin phone number"
Identity thief knows that John Smith is into bitcoin. So he hijacks the "John Smith" phone number, which is useless for his purposes. Or is there some way for the actual "bitcoin phone number" to leak out to him?
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
This guy was "flashing" his Gucci bag. And the government guys can't afford Gucci bags so they arrested him.