Cryptocurrency boosters love to characterize Bitcoin and others as “disruptive” to the established financial sector, but when it comes to robberies and heists, the two industries are starting to look more similar to each other.
Hackers have increasingly used vulnerabilities in the blockchain to steal other people’s hard-earned fake money, and one investor is pointing his finger at his cell phone provider.
A cryptocurrency investor named Michael Terpin filed a $224 million federal lawsuit against AT&T on Wednesday for what he describes as the “digital identity theft” of his cell phone account.
According to Terpin’s complaint, thieves convinced AT&T to forward his calls and messages to a SIM card belonging to a cyber criminal ring. The thieves then used the information they obtained about their target to steal $23.8 million worth of tokens from his account.
The remaining $200 million that Terpin is demanding from AT&T is for punitive damages. He says that AT&T failed to protect his account even after he reported unusual activity and got law enforcement involved.
An AT&T spokesman told Reuters that they are looking forward to fighting the allegations in court.
This isn’t the first time that SIM-swap scams on AT&T accounts have been linked to cryptocurrency theft. So-called SIM-swap scams work because they are relatively easy. Experts say it takes minimal effort to trick phone company employees into giving criminals what they need: a link between another person’s account and a new SIM card belonging to the criminal ring.
With access to another person’s phone number, hackers can access messages and other sensitive information intended for the victim. Cryptocurrency investors have been an especially popular target of this scam.
One such scammer in Florida was arrested last week for allegedly leading a criminal ring that used SIM-swaps to steal money from people across the country.
In a confidential alert last Friday, the FBI reportedly released an unusual warning. International banking giants faced an imminent threat that cyber criminals would target their ATM machines, the FBI said.
One day later, that exact heist happened to a banking giant based in India. Hackers infected bank servers with malware, giving them the ability to approve their own transactions. They then used fake cards to withdraw money from 14,00 ATM machines across 28 countries. All of the ATM machines belong to the Cosmos Bank chain.
The corporation said that no consumer accounts were impacted, likely part of an effort to discourage people from cashing out on their entire bank accounts.
"We appeal customers to remain calm and not to get panic as savings, term deposits, recurring accounts of all the stakeholders are fully safe,” the Cosmos Bank chairman MIlind Kale told local media.
Cosmos doesn’t have ATMs in the United States, but money heists targeting traditional banks are also hitting increasingly closer to home. Bank giants in Canada and Mexico have both reported falling victim to hackers in recent months.