All news with #sim swapping tag

🔎 Researchers at Infrawatch have identified a Belarus-associated platform, ProxySmart, linked to 87 control panels across 17 countries and 94 phone farm locations. The turnkey software provides device management, automated IP rotation, customer provisioning and anti-bot measures, enabling what researchers describe as SIM Farm as a Service. ProxySmart orchestrates both physical smartphones and USB 4G/5G modems, supports multiple proxy protocols, and includes OS fingerprint spoofing, significantly lowering the technical barrier for large-scale mobile proxy operations.

🔒 Tyler Robert Buchanan, a 24-year-old British national and senior member of the cybercrime group Scattered Spider, has pleaded guilty to wire fraud conspiracy and aggravated identity theft for his role in 2022 SMS-phishing attacks. He admitted launching tens of thousands of phishing texts that enabled intrusions at companies including Twilio, LastPass, DoorDash and Mailchimp. Prosecutors say the campaign fueled SIM-swap thefts that siphoned at least $8 million in cryptocurrency from U.S. investors. Buchanan faces a statutory maximum of 22 years; sentencing is set for August 21, 2026.

🔒 Tyler Robert Buchanan, a 24-year-old British national believed to lead the Scattered Spider cybercrime collective, has pleaded guilty in U.S. federal court to wire fraud and aggravated identity theft in connection with cryptocurrency thefts. Prosecutors say Buchanan and co-conspirators used large-scale SMS phishing campaigns and SIM swap attacks to steal at least $8 million from companies and individuals between September 2021 and April 2023. Buchanan was arrested in June 2024 in Palma de Mallorca, has been in U.S. custody since April 2025, and faces a statutory maximum of 22 years; sentencing is scheduled for August 21, 2026.

🔒 Signal has confirmed that attackers have hijacked some user accounts by tricking victims into handing over verification codes or linking a second device. The company says its encryption and central infrastructure remain uncompromised and that the campaign relies on social engineering rather than exploiting software vulnerabilities. Targeted users received in-app messages purporting to be a "Signal Security Support Chatbot" or were sent QR codes and links that secretly link an attacker’s device. Review Settings > Linked Devices and never share verification codes or your PIN.

🔎An extensive international gray market for physical and virtual SIM cards is enabling large-scale verification of fake accounts, a study by the University of Cambridge finds. Providers such as SMSActivate, 5Sim, SMShub and SMSPVA supply numbers used to create and verify bot armies across WhatsApp, Telegram, Facebook, X, TikTok and e-commerce sites. The researchers published the COTSI index to track daily SMS verification prices in 197 countries and observed notable price spikes for WhatsApp and Telegram ahead of national elections, highlighting risks for fraud, influence operations and phishing.

🔒 Social media influencers are increasingly attractive targets for cybercriminals who hijack trusted accounts to distribute scams, malware and fraudulent offers. Attackers use spearphishing, credential stuffing, brute-force attacks and SIM swapping, and AI is making those lures more convincing. Compromised accounts may be sold or used to push crypto and investment scams, exfiltrate follower data or extort victims. Practical defences include long, unique passwords, app-based 2FA, phishing awareness, device separation and up-to-date security software.

🔎 Operating from Jakarta, First Wap markets a covert phone-tracking system called Altamides that leverages the legacy telecom protocol SS7 to locate subscribers in real time. Unlike device-targeting spyware such as Pegasus, Altamides requires no malicious link or implant and leaves minimal forensic traces on phones. Reporting from Mother Jones and Lighthouse Reports traces how permissive export rules and a global client network have allowed this capability to spread.

🚨 Europol announced the disruption of a sophisticated cybercrime-as-a-service SIM farm in Operation SIMCARTEL, resulting in seven arrests and 26 searches across multiple countries. Authorities seized 1,200 SIM box devices containing about 40,000 active SIM cards, dismantled five servers and took over two websites, and froze significant cash and cryptocurrency assets. The platform supplied numbers from over 80 countries and is tied to the creation of more than 49 million online accounts used in phishing, smishing, investment fraud and other serious offences.

🔍 Europol, together with national police units and the Shadowserver Foundation, dismantled an illegal SIM‑box service codenamed SIMCARTEL that rented phone numbers to criminals for creating fraudulent online accounts. The service operated about 1,200 SIM‑box devices with roughly 40,000 active SIM cards and offered numbers tied to individuals in more than 80 countries via seized sites gogetsms.com and apisim.com. Authorities linked the infrastructure to thousands of fraud cases and at least EUR 4.5 million in losses in Austria and EUR 420,000 in Latvia.

🔒 U.S. prosecutors have charged 19‑year‑old Thalha Jubair as a core member of Scattered Spider, alleging the group extorted at least $115 million from victims. Jubair and an alleged co‑conspirator, 18‑year‑old Owen Flowers, appeared in London court facing accusations tied to high‑profile attacks on retailers, public transit and U.S. healthcare providers. Authorities say the complaint links Jubair to a network of SIM‑swapping, SMS phishing and ransomware operations and to cryptocurrency servers used to launder proceeds.

📵 The U.S. Secret Service says it disrupted a large network of SIM farms near New York City that officials warn could have disabled cellular service during the U.N. General Assembly. Agents seized more than 300 SIM servers and roughly 100,000 SIM cards across sites in New York, New Jersey and Connecticut. Authorities say the equipment could have texted the entire U.S. population within minutes, launched DDoS attacks, and interfered with emergency communications. The agency attributed the operation to nation-state actors working with organised crime, while specific locations and perpetrators remain undisclosed.

🚨 The U.S. Secret Service announced it dismantled a network of more than 300 co-located SIM servers and roughly 100,000 SIM cards across the New York tri-state area ahead of the United Nations General Assembly. The devices, concentrated within a 35-mile radius of the UN gathering, were used to issue anonymous threats to senior U.S. officials and could be weaponized to disrupt telecommunications or enable encrypted communications. The agency's Advanced Threat Interdiction Unit is leading the investigation and said early evidence shows cellular links between nation-state actors and individuals known to federal law enforcement.

🔒 Noah Michael Urban, a 20-year-old member of the Scattered Spider cybercrime gang, was sentenced to 120 months in federal prison after pleading guilty to wire fraud and aggravated identity theft in April 2025. The court also ordered $13 million in restitution and three years of supervised release; Urban called the sentence unjust. Prosecutors say Urban and co-conspirators used SIM swapping and social engineering between August 2022 and March 2023 to steal at least $800,000 and hijack cryptocurrency accounts. His case is part of broader DoJ actions against Scattered Spider as the group forges alliances with other criminal collectives.

🔒 A 20-year-old Florida man, Noah Michael Urban, was sentenced to 10 years in federal prison and ordered to pay about $13 million in restitution after pleading guilty to wire fraud and conspiracy. Prosecutors say Urban acted with members of Scattered Spider, using SIM-swapping and SMS phishing to divert calls and one-time codes and to phish employees into fake Okta pages. The campaign compromised access at more than 130 firms and enabled thefts of proprietary data and millions in cryptocurrency.