CISA orders federal agencies to fix hundreds of exploited security flaws
US sanctions NSO Group and three others for spyware and exploit sales
Microsoft: Windows 11 built-in apps might not open on some systems
BlackMatter ransomware claims to be shutting down due to police pressure
Alleged Twitter hacker charged with theft of $784K in crypto via SIM swaps
Beware: Free Discord Nitro phishing targets Steam gamers
UK Labour Party discloses data breach after ransomware attack
BlackMatter ransomware moves victims to LockBit after shutdown
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
SIM card
The US Department of Justice has indicted a suspected Twitter hacker known as ‘PlugWalkJoe’ for also stealing $784,000 worth of cryptocurrency using SIM swap attacks.
SIM swap attacks are when threat actors take control of targets’ phone numbers by porting them to their own device’s SIM card. These attacks are commonly made by performing social engineering and pretending to be the target, hacking into mobile carriers’ systems, or bribing employees.
Once they perform the SIM swap, the attackers will receive victims’ messages and calls which allows bypassing SMS-based multi-factor authentication (MFA), stealing user credentials, as well taking over the victims’ online service accounts.
In the indictment unsealed today in the Southern District of New York, the DOJ claims that Joseph O’Connor, a/k/a “PlugwalkJoe,” and co-conspirators used SIM swaps to gain access to accounts for a Manhattan-based cryptocurrency company.
Using this access, the alleged hackers stole $784,000 Bitcoin Cash, Litecoin, Ethereum, and Bitcoin from wallets managed by the company on behalf of clients.
“Between approximately March 2019 and May 2019, JOSEPH JAMES O’CONNOR, a/k/a “PlugwalkJoe,” the defendant, and his co-conspirators perpetrated a scheme to use SIM swaps to conduct cyber intrusions in order to steal approximately $784,000 worth of cryptocurrency from a Manhattan-based cryptocurrency company (“Company-1”), which, at all relevant times, provided wallet infrastructure and related software to cryptocurrency exchanges around the world, ” reads the unsealed indictment.
The stolen cryptocurrency includes 770.784869 Bitcoin cash, approximately 6,363.490509 Litecoin, approximately 407.396074 Ethereum, and about 7.456728 Bitcoin. 
The suspect is charged under this new indictment with conspiracy to commit computer hacking, conspiracy to commit wire fraud, aggravated identity theft, conspiracy to commit money laundering, 
O’Connor was previously indicted for his alleged involvement in a massive July 2020 Twitter hack that allowed threat actors to hijack accounts and promote cryptocurrency scams that stole over $120,000 worth of Bitcoin.
Some of the 130 high-profile accounts used in the attack included politicians, celebrities, tech executives (@JeffBezos, @BarackObama, @elon_musk, @kanyewest, @JoeBiden, @BillGates, and @WarrenBuffet) and companies (@Apple, @Uber, @coinbase, @Gemini, @binance).
The US government is pursuing the extradition of O’Connor, who is currently in custody in Spain.
The FCC proposes rules to fight SIM swap and port-out fraud
Twitter employees required to use security keys after 2020 hack
Money launderers for Russian hacking groups arrested in Ukraine
DarkSide ransomware rushes to cash out $7 million in Bitcoin
US links $5.2 billion worth of Bitcoin transactions to ransomware
Not a member yet? Register Now
Microsoft 365 outage blocks access to OneDrive, SharePoint files
Microsoft announces new endpoint security solution for SMBs
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

Hundreds of thousands of MikroTik devices still vulnerable to botnets

SonicWall ‘strongly urges’ customers to patch critical SMA 100 bugsWindows ‘InstallerFileTakeOver’ zero-day…

Beware: Free Discord Nitro phishing targets Steam gamers

CISA orders federal agencies to fix hundreds of exploited security flawsUS sanctions…

Microsoft Edge for Linux out of beta, now generally available

FBI: Ransomware targets companies during mergers and acquisitionsAndroid November patch fixes actively…

New Android malware targets Netflix, Instagram, and Twitter users

HPE says hackers breached Aruba Central using stolen access keyFBI warns of…