Posts: 2,645 +616
Reuters reports that cryptocurrency investor Michael Terpin filed his lawsuit with the US District Court in Los Angeles. Terpin claims that on January 7, 2018, hijackers took control of his cell phone account and stole three million tokens of an unnamed cryptocurrency said to be worth $24 million. He is seeking restitution of the coin value plus punitive damages to the tune of $200 million.
The thieves accomplished this through a technique know and “SIM swapping.” Hackers using this method employ social engineering to get a carrier to switch a cell phone number over to a SIM card they control. Once they have control of the account, they can use it to access online accounts and change the passwords locking out the rightful owner. It can even be used to bypass two-factor authentication.
"The three million stolen tokens were worth $23.8 million, the complaint said. Terpin is also seeking $200 million in punitive damages."
SIM swapping is a growing problem. Just last week a college student was arrested (also in LA coincidentally) for stealing over $5 million in crypto from over 40 phones. The technique is popular because it is reasonably easy to pull off and requires no technical skill or hacking prowess.
Its growing popularity has led authorities to warn carriers about the scam, which is another point of contention in Terpin’s suit. The filing alleges that law enforcement had previously contacted AT&T about such frauds and yet the company took no precautions to prevent it. Lawyers claim that this fact is what moves the case from simple ignorance to "gross negligence."
The telecom giant responded to the lawsuit saying, “We dispute these allegations and look forward to presenting our case in court.”