The British National Crime Agency reported earlier this week that law enforcement agencies in England and Scotland arrested eight hackers who were swapping SIM cards and stealing money from American celebrities and wealthy people.
This is not the first time when the group’s attacks targeted famous athletes, musicians, influencers, and so on.
“The National Crime Agency led the UK investigation into these attacks, which targeted numerous victims throughout 2020, including well-known influencers, sports stars, musicians, and their families. NCA Cyber Crime officers, working with agents from the US Secret Service, Homeland Security Investigations, the FBI and the Santa Clara California District Attorney’s Office, uncovered a network of criminals in the UK working together to access victims’ phone numbers and take control of their apps or accounts by changing the passwords”, — told representatives of The National Crime Agency.
Europol representatives add that these arrests were a continuation of a major operation that began in Malta and Belgium, where other members of the same criminal group were previously detained. This investigation began last year, after a massive Twitter hack, and involved the authorities of the United States, Great Britain, Canada, Malta and Belgium.
As a reminder, Twitter hackers used targeted phone phishing.
According to the authorities, the criminals acted according to the classical scheme and tricked the employees of American mobile operators to assign a celebrity’s phone number to their SIM card. With access to the victim’s number, the scammers reset passwords and bypassed two-factor authentication in various accounts. In total, such activity has brought the group more than $100 million in cryptocurrency.
“This allowed them to steal money, bitcoins and personal information, including contacts synchronized with online accounts. They also hijacked social media accounts to post content and send messages on behalf of victims”, — law enforcement officials say.
Those arrested face prosecution for crimes under the Computer Misuse Act, fraud and money laundering, and extradition to the United States for prosecution.