Cryptocurrency Thief Nabbed By Police Before Boarding Plane To Europe

Police arrested alleged hacker Joel Ortiz at Los Angeles International Airport and have set his bail at $1 million.

Jeremy Nation
Published in METACERT
5 min read · Aug 6, 2018

Last month, on July 12, 2018, police took Joel Ortiz into custody for allegedly hacking close to 40 individuals.

Ortiz, with the help of as-yet-unidentified accomplices, was picked up for 13 counts of identity theft, 13 counts of hacking and two counts of grand theft. For Ortiz, SIM swapping was the method of choice used to hijack cell phone numbers, social media accounts, email addresses, and ultimately millions of dollars in cryptocurrencies.

Something to take note of: there are bad actors at every cryptocurrency conference. Ortiz happens to have orchestrated his attacks at various cryptocurrency conferences. At least three hacks happened at the heavily attended Consensus convention, where prosecutors believe Ortiz stole over $1.5 million from a cryptocurrency startup, more than half of which came from the company’s initial coin offering.

Going After Your Phone

Ortiz’s preferred method of attack was SIM swapping. SIM swapping attacks are particularly nerve-racking because, when successful, the thief, who is essentially stealing the identity of the person whose account they are hijacking, can simply lock their victim out by having the cell provider change a password. Once this is done, any other account that relies on the stolen cell phone number as a means of authentication can then be breached. So if the hacker already knows your email address and controls your phone number, they can easily reset email passwords and get into accounts on exchanges linked to that email, where many people hold their cryptocurrency.

In the case of Ortiz, police homed in on an incident wherein the scammer resorted to harassing his target’s wife, daughter, and social circle with phone calls and texts asking for bitcoin.

Police acquired a series of warrants in order to get information from AT&T and Google, as well as three cryptocurrency exchanges: Coinbase, Binance, and Bittrex. As a result of their sleuthing, police were able to track Ortiz down via two Samsung Android phones, identified by IMEI numbers.

One of Ortiz’s emails police obtained during the course of their investigation contained information about SIM swapping. In addition, some of the other incriminating emails police found include confirmations from YouTube regarding videos Ortiz uploaded intended to teach other malicious actors how to utilize “zero-day exploits” as well as the purchase of domains such as “tw-tter.com” designed to facilitate phishing campaigns.

Based on findings from the cryptocurrency exchanges, police determined Ortiz had funneled over $1 million through them. Thus far only $250,000 has been seized, and authorities are unsure where the rest of the illicit funds may be.

AT&T’s records showed that at least forty phone numbers may have been potential victims, and when police followed up they confirmed as much with those individuals who contended their phones had been hijacked as a result of SIM swapping.

Take Precautions

You can’t avoid the fact that every convention or conference you go to in the cryptocurrency scene will have bad actors at it, but you can take some simple steps to avoid being a victim yourself.

For one thing, make sure the number you share with people isn’t the same one you have attached to any accounts you use. It may seem like an extreme step, but this layer of separation between your email and your cell phone number is very necessary. This way, if a scammer manages to hijack your cell phone number, you can limit the damage they do by not having it attached to your email address. Whenever possible, you should also integrate a tokenized form of two-factor authentication (2FA) rather than relying on email for 2FA.

Be careful about joining a Wi-Fi network. You’re going to want to mess with your phone eventually, take a picture and upload it to Instagram, or pull up your CryptoKitties to show them off. Chances are good everyone else is going to want to do that too, and the networks are going to be very slow. But look, there’s an open Wi-Fi network! You can just pop on to that and get a better data speed, right? Wrong. Don’t even think about it. Who knows what’s going on with that open network you’re about to connect to? It’s best to wait it out in these situations and bear with a slow network as opposed to the alternative: possibly getting hacked.

If you have a cryptocurrency exchange account, consider putting your tokens on a cold storage device, rather than allowing the exchange to hold them for you. Cryptocurrency is about becoming your own bank, so why let an exchange act as the custodian of your holdings? Think about it this way: if your cryptocurrency is sitting in an account that relies on factors like email or cell phone authentication to log in, it’s possible for someone else to access it, and before you can react they can strike and rob you blind. If your cryptocurrency is sitting on a hardware wallet and you’re the only one who knows the private key, you’re much safer.

By the way, you should never give out your private key. If anyone asks you for it, you should consider that a big red flag. With your private key, thieves can access your wallet and empty it out, and there’s not a thing you can do to get it back.

Beware phishing links, be they from SMS sources, from fake Twitter offers, breached social media accounts, or from anywhere else. A great precaution you can take to stifle phishing sites, that is if you haven’t already, is to download a phishing blocker for your internet browser such as Cryptonite for Chrome, Firefox, and Opera. In addition to halting phishing sites in their tracks, Cryptonite gives you a visual cue for verified web resources related to the cryptocurrency ecosystem with a black shield that turns green. If the shield doesn’t turn green, that resource isn’t verified, and you should think twice about clicking.
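To make the idea of "verified" versus lookalike resources concrete, here is an added example (not Cryptonite's code, and not a description of how it works) that checks a URL's host against a small allowlist and flags near-misses such as the “tw-tter.com” domain mentioned above. The allowlist contents, the function names, the edit-distance threshold of 2 and the ".example" test host are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption); a real tool would load a maintained registry.
VERIFIED = {"twitter.com", "coinbase.com", "binance.com", "bittrex.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Naive 'last two labels' rule (assumption: no multi-part suffixes
    such as co.uk; production code should use the Public Suffix List)."""
    return ".".join(host.split(".")[-2:])


def classify(url: str) -> str:
    """Return 'verified', 'lookalike' or 'unverified' for a URL."""
    # .hostname drops any 'user@' prefix, so 'twitter.com@evil' is not fooled.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    domain = registrable_domain(host)
    if domain in VERIFIED:
        return "verified"
    for good in VERIFIED:
        # A verified name used as a subdomain of someone else's domain.
        if host.startswith(good + ".") or ("." + good + ".") in host:
            return "lookalike"
        # One or two character edits away from a verified domain.
        if edit_distance(domain, good) <= 2:
            return "lookalike"
    return "unverified"


if __name__ == "__main__":
    for u in ("https://twitter.com/login", "http://tw-tter.com/reset",
              "https://twitter.com.account-check.example/", "https://example.org/"):
        print(f"{classify(u):<11} {u}")
```

Only the "verified" result corresponds to the green shield described above; "lookalike" and "unverified" both mean the link has not earned trust, with the former being the stronger warning.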

Ultimately we built this and other tools to help you, but it will require constant vigilance on your part to keep fraudsters from getting the upper hand. Stay educated, stay aware, and stay safe.

The MetaCert Protocol is a trust and reputation threat intelligence system for verifying web resources. It addresses a number of attack vectors, encompassing solutions for anti-phishing, child safety, brand protection, crypto-address verification, and news credibility. Find out more about the MetaCert Protocol, ask questions, and leave suggestions on both our White Paper and Technical Paper. You can also join our Telegram community to stay up to date on our blockchain project. Remember to install Cryptonite to protect yourself from phishing scams before it’s too late.
