Hacker Stole $1m from Silicon Valley Executive via SIM Swap
(Nov 26, 2018)
A felony complaint has been filed in a California state court for a New York resident named Nicholas Truglia for an alleged theft of one million USD. Trugila is reported to have stolen $500,000 USD worth of cryptocurrency held in two separate accounts in the Coinbase and Gemini cryptocurrency exchanges. Truglia stole the funds via a tactic known as “SIM swapping” in which the actor gained physical access to the victim’s, Robert Ross, cell phone and swapped the SIM cards. This tactic is believed to have been used by Truglia in targeting at least six executives working in Silicon Valley. In Ross’s case, Truglia went on to convert the cryptocurrencies, $500,000 in each Coinbase and Gemini account, into digital money and then into his personal account.
Recommendation: This story depicts the importance of safeguarding smartphones that have access to Personally Identifiable Information (PII) and financial information to avoid a potential SIM swapping attack. Swapping SIM cards allows a threat actor to gain control over a phone to conduct various forms of malicious activity. Similar to personal and work machines, do not leave your phone unattended to avoid physical-based attacks such as SIM swapping.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.