AMSTERDAM (Reuters) - Europol, the European police agency, said on Wednesday it had assisted in the arrest of 10 hackers suspected of stealing $100 million in cryptocurrency in “SIM-swapping” attacks that allowed suspects to gain access to their victims’ phones.
“The attacks orchestrated by this criminal gang targeted thousands of victims throughout 2020, including famous internet influencers, sport stars, musicians and their families,” the agency said in a statement.
The arrests were made after an investigation with cooperation from Britain, the United States, Belgium, Malta and Canada, Europol said.
In a SIM-swapping attack, criminals can gain control over a SIM - the small computer chip that carries a phone number used to identify a customer on a telecommunication network. Usually a phone company is tricked into deactivating a working SIM and transferring its functions to one controlled by the hackers.
“This enabled (hackers) to steal money, cryptocurrencies and personal information, including contacts synced with online accounts,” Europol said in a press statement detailing the operation.
“They also hijacked social media accounts to post content and send messages masquerading as the victim.”
Europol did not identify the victims or say where the arrests took place. It advised the public not to use services that use text messages to help log in to online accounts, as these are vulnerable in SIM-swapping attacks, which it said are on the rise.
One of the most notable victims of a SIM-swapping attack in the past was Twitter CEO Jack Dorsey, in 2019.
Reporting by Toby Sterling; editing by John Stonestreet
Our Standards: The Thomson Reuters Trust Principles.