Another AT&T SIM Swapping Hack Targets Trio of Crypto Execs

shutterstock_1243869973
26 October 2019

A crypto executive is suing AT&T over a SIM swapping hack that he claims cost him $1.7 million in digital assets in a hit aimed at three executives attending Consensus 2018

VideoCoin Head of Strategy Seth Shapiro alleged in his lawsuit, filed Oct. 17  in U.S. District Court for the Central District of California, that the cell carrier granted hackers repeated access to his SIM card in May 2018, allowing them to clear out his wallets on 11 exchanges worth over $1.8 million dollars. 

In the almost cinematic 58-page complaint, Shapiro lays out an elaborate web of inside men, internal conspiracy and back-to-back SIM swaps that have already landed at least two former AT&T employees in criminal court:

“By utilizing their control over Mr. Shapiro’s AT&T cell phone number—and the control of additional accounts (such as his email) secured through that number by utilizing two factor authentication—these third-party hackers were able to access Mr. Shapiro’s accounts on various cryptocurrency exchange platforms, including the accounts he controlled on behalf of his business venture. The hackers then transferred Mr. Shapiro’s currency from Mr. Shapiro’s accounts into accounts that they controlled. In all, they stole more than $1.8 million from Mr. Shapiro in the two consecutive SIM swap attacks on May 16, 2018.”

The lawsuit alleged that two former AT&T employees from Tucson, Arizona, were the key to the operation. Jarrett White and Robert Jack received $4,300 and $585.25, respectively, from hackers referred to in court documents as “The Community” to feed the six-man group a stream of insider intel. 

It was this backdoor that gave “The Community” access to Shapiro’s cellphone, the document said.

Shapiro said that of the $1.757 million stolen, $1 million was his and the remainder to belong to other people who were investing in crypto projects with him.  

In addition to Shapiro, the thieves also swapped the SIMs of two other executives at the event, Chris Kitze and Fiorenzi Villani.

Although not mentioned in the court filing, all three executives are partners in a series of crypto PR companies and investment funds. 

In fact, they are all this weekend presenting at a conference produced by the most well-known crypto swapping victim, Michael Terpin, who is also suing AT&T for a SIM heist that cost him $23.8 million, in addition to seeking $200 million in punitive damages.

Shapiro, Kitze and Terpin are members of Pro Top Company Services, in Tortola, British Virgin Islands, advertising crypto investment funds. This nine-member company mirrors a second BVI-registered organization, Alphabit Fund, with only seven members, which excludes Shapiro and another executive, their business development representative in Japan. 

Villani is a partner with Terpin in the Transform GROUP public relations company, and both are organizers of the CoinAgenda conference this weekend in Las Vegas. All four presented at the event last year, though Shapiro was not included in this year’s list of featured speakers.

Kitze, a serial entrepreneur with several notable dot-com era exits, was registered at the 2018 Consensus event as an executive at a blockchain company that no longer seems to be in operation.

On the day of the theft, Shapiro’s VideoCoin announced the completion of a $50 million initial coin offering (ICO) entirely through private investment, rather than the typical public sale. Investors included Galaxy Investment Partners, ethereum co-founder Anthony Di Iorio, Akamai Co-Founder Randall Kaplan, Science Blockchain and Alphabit Fund.

The investigation 

In his account to investigators, Shapiro said he was targeted on May 16, 2018, while attending CoinDesk’s annual Consensus conference in New York. 

Shapiro said he lost cell reception and went to a Manhattan AT&T store for help, testimony collected by investigators show. 

AT&T salespersons confirmed his suspicions: he had been the victim of a SIM-swapping hack, the same kind of attack that has allowed hackers to steal from other high profile figures. 

Shapiro purchased a new phone and SIM card at the AT&T salesperson’s recommendation. He was already fearful, according to the civil complaint, that the hackers would get into his crypto accounts. He thought the new phone would stave off the heist.

But “The Community” and their moles inside AT&T were one step ahead of him, a chat stream collected by investigators show:

“57 COINS. In bittrex. Trying to stay calm. Rn.” said @ilvebtc in a series of successive texts to The Community group chat, titled “hehe,” on May 16 at around 2:00pm in the afternoon. @ilvebtc had breached Shapiro’s Bittrex account. 

@coinmission responded: “He probably has way more in other places. He has eth.”

A wallet address mentioned in the chat shows over 1,200 ETH, worth about $500,000 at the time routed into the wallet from a Bittrex account. Three equal cuts of 441.6 ETH later flowed outbound. 

Later in the exchange, @woahk, who is referred to by other members as “Joel,” notes that some unusual activity is happening on the SIM-swapped phone. “He’s trying to get number back. I’m getting text messages.”

Joel Ortiz was sentenced in April to 10 years in prison for prolific SIM swapping, becoming the first person in the country to be jailed for such an offense. 

He had made off with an estimated $7.5 million across 40 hacks; Ortiz’s sentencing documents show that at least $900,000 of that came from Seth Shapiro.

AT&T told CoinDesk in a statement that it is refuting Shapiro’s allegations and plans to fight them in court.

SIM card image via Shutterstock