Enlarge (credit: Wong Yu Liang | Moment )

The US may have uncovered the nation's largest "SIM swap" scheme yet, charging a Chicago man and co-conspirators with allegedly stealing $400 million in cryptocurrency by targeting over 50 victims in more than a dozen states, including one company.

A recent indictment alleged that Robert Powell—using online monikers "R," "R$," and "ElSwapo1"—was the "head of a SIM swapping group" called the “Powell SIM Swapping Crew.” He allegedly conspired with Indiana man Carter Rohn (aka "Carti" and "Punslayer") and Colorado woman Emily Hernandez (allegedly aka "Em") to gain access to victims' devices and "carry out fraudulent SIM swap attacks" between March 2021 and April 2023.

SIM-swap attacks occur when someone fraudulently induces a wireless carrier to "reassign a cell phone number from the legitimate subscriber or user’s SIM card to a SIM card controlled by a criminal actor," the indictment said. Once the swap occurs, the bad actor can defeat multi-factor authentication protections and access online accounts to steal data or money.

Enlarge (credit: Getty Images | Panuwat Sikham )

After years of inaction, the FCC this week said that it's finally going to protect consumers against a scam that takes control of their cell phone numbers by deceiving employees who work for mobile carriers. While commissioners congratulated themselves for the move, there’s little reason yet to believe it will stop a practice that has been all too common over the past decade.

The scams, known as "SIM swapping" and "port-out fraud," both have the same objective: to wrest control of a cell phone number away from its rightful owner by tricking the employees of the carrier that services it. SIM swapping occurs when crooks hold themselves out as someone else and request that the victim's number be transferred to a new SIM card—usually under the pretense that the victim has just obtained a new phone. In port-out scams, crooks do much the same thing, except they trick the carrier employee into transferring the target number to a new carrier.

This class of attack has existed for well over a decade, and it became more commonplace amid the irrational exuberance that drove up the price of Bitcoin and other crypto currencies. People storing large sums of digital coin have been frequent targets. Once crooks take control of a phone number, they trigger password resets that work by clicking on links sent in text messages. The crooks then drain cryptocurrency and traditional bank accounts.

Enlarge

This week, The Daily Wire podcast host Matt Walsh got hacked, leading a hacker called Doomed to gain unfettered access to his Twitter, Google, and Microsoft accounts. A journalist named Dell Cameron then tweeted to encourage the hacker to contact him, then published an interview with Doomed for Wired . Tweeting out that story—Cameron confirmed on Mastodon —ultimately got the tech policy reporter permanently suspended from Twitter for violating the social platform’s policy on distributing hacked materials.

Now, Walsh is threatening to sue “members of the media who openly solicited stolen information” from his phone, he tweeted . Announcing that The Daily Wire’s team was assisting him with legal counsel, he warned journalists like Cameron that he could afford to hire “very good lawyers.”

Walsh could not immediately be reached for comment. Cameron declined to comment. Yesterday, Wired tweeted a statement from its managing editor, Hemal Jhaveri.