SIM card hunters: how does the US business of hacking and selling Instagram accounts work - ForumDaily
The article has been automatically translated into English by Google Translate from Russian and has not been edited.
Переклад цього матеріалу українською мовою з російської було автоматично здійснено сервісом Google Translate, без подальшого редагування тексту.
Bu məqalə Google Translate servisi vasitəsi ilə avtomatik olaraq rus dilindən azərbaycan dilinə tərcümə olunmuşdur. Bundan sonra mətn redaktə edilməmişdir.

SIM card hunters: how the business of hacking and selling Instagram accounts is organized in the USA

September night 2017, a resident of Salt Lake City, Rachel Ostlund (Rachel Ostlund), as always, was going to go to bed when she received a notification on her phone that the SIM card of her mobile number was “updated”. Perplexed, she went to her personal e-mail and found dozens of notifications about the change of passwords from various accounts with two-factor authentication through the phone.

Фото: Depositphotos

The fears were confirmed - the girl became a victim of intruders who, with the help of cunning and threats, hack and resell accounts from social networks, mainly Instagram. The main assistant to the unknown is the phone number of the victim: knowing it, they use social engineering and convince the representative of the provider to transfer the number to the duplicate SIM card. This is enough to steal accounts, banking data and cryptocurrency, followed by resale in secret forums, writes TJournal.

How is the phone number used against its owners?

In February, X-NUMX, the German telecommunications group T-Mobile, sent customers a massive warning about the threat of hacking accounts using a SIM card. The point is this: the attacker finds out the victim’s mobile number, calls the service center and impersonates its owner. He explains that he “lost” the SIM card, and asks to transfer the phone number to a new, pre-purchased one.

According to the rules, after that the consultant should ask for proof that the interviewee is really the owner of the number. In the US, in some cases, the date of birth or home address is suitable for this, and the attackers use it, posing as a victim. If the service agrees and transfers the number to a duplicate SIM card, the unknown person restores access to the accounts in the social networks and bank data of the victim using two-factor authentication by the phone number.

Account singer Selena Gomez after hacking. In addition to advertising posts, hackers published intimate photos of Justin Bieber

After this, a new stage begins - the sale of stolen accounts. Of particular value among social networks have profiles on Instagram. One of the largest and most active "stores" for buying pages is considered the forum OGUSERS. It launched in April 2017, and since then has become a popular destination for those who need to sell the “gangsta” (OG - original gangster). So called accounts with colorful and unique user names like: “Sex”, “Infinity” and “Rainbow”, or with very short logins like “t” and “ty”.

According to the administrators, in the spring of 2018 of the year, OGUSERS sold an Instagram account with a login @Bitcoin for 20 thousand dollars, and the username “Infinity” is estimated at a thousand dollars. Under attack also hit accounts of popular bloggers and stars. In August, 2017, unknown people broke into the profile of Selena Gomez (125 million subscribers at the time) and changed the name of the page in “Islah” - this is the name of the active user OGUSERS, who, according to forum messages, leads a separate group of intruders.

Extent of the problem

According to two forum moderators, OGUSERS never openly discuss hacking accounts using a duplicate SIM card, but among forum members this is a common way to steal accounts. In addition, the hackers toolkit contains the Doxagram darknet site, which allows you to buy a phone number and an email address from a certain Instagram account for 10 dollars. The resource appeared after a hands-free leakage of user data from the social network in 2017.

“Once upon a time, this is [hacking accounts through a duplicate SIM card - approx. TJ] was as easy as you can just call the phone company and ask to change the SIM card on the mobile number. Now you need to know the people who work in the company, and pay 100 dollars for cooperation, ”says user OGUSERS in a conversation with the Motherboard.

Other interlocutors familiar with the situation admit that many hackers pay 80-100 dollars to employees of communication companies for transferring a mobile number to a new SIM card. “With your people inside the company is always easier and faster,” says one of the forum users. Two moderators of the site Thug and Ace told that they have no remorse about hacking and resale of accounts, cryptocurrency wallets or bank data.

“I take their money and live my life. They are themselves to blame for not following security, ”says Ace.

Moderator Thug justifies their actions by the fact that they do not harm anyone when they steal accounts on Instagram, but only take away the names of users. In this case, a specialist in cyber security technology company Recorded Future, Andrei Barisevich (Andrei Barysevich) recognizes that at hacking using duplicates of SIM-cards, you can earn a lot of money.

In August, 2017, one of the largest cryptographic services, Coinbase made several loud attacks with theft of cryptocurrency from users. In total, the attackers stole several million dollars by accessing the victims' mobile numbers through a duplicate SIM card. It was not possible to return the funds.

Methods of struggle

AT&T, Verizon, Sprint and T-Mobile are all four American Internet giants that have admitted to a scheme to steal mobile numbers. However, none of the companies disclosed the number of hacked victims among their clients. AT&T called the number of casualties "small and rare," and a spokesman for T-Mobile said the company has tightened security measures to protect customers. The organization asked users to come up with a password to tell the consultant when asked to change the SIM card. No other companies have reported a similar system.

In March 2018, AT&T, Verizon, Sprint, and T-Mobile announced a "revolutionary" security system that will fix the problems and risks of two-factor authentication. However, since then nothing new has appeared about the initiative, and the details of its work are unknown. Moreover, it is unclear how she can fix the situation with the theft of SIM cards.

Like the communication giants, the FBI does not keep statistics or does not want to disclose data on the number of victims of duplication of SIM-cards. The media are not sure that such an account is generally carried out by the authorities.

Many victims of hacking have not managed to regain lost accounts, and sometimes in addition they lost money from bank cards. The story of Rachel Ostlund was different. Soon after the theft, the girl was called by an unknown person and threatened with “big problems” if she didn’t give him data from her profiles on Instagram and Twitter with a login of Rainbow - they were not tied to a phone number, so the attacker could not access them on his own.

“Immediately change the email address on Twitter. I don’t want to seem like a freak, but if you don’t respond quickly, bad things will soon happen to you, ”the message said an unknown person sent to Ostlund.

When someone called the second time, the police were already in the girl’s house. The patrols listened to the victim, but looked puzzled and did not say anything useful. With the support of T-Mobile, the girl still managed to regain control of her mobile number, but by that time an unknown person already controlled the account he needed on Instagram.

In September, 2018 will be the year since that theft. Presumably, the girl’s account is still under the control of a member of the OGUSERS forum, who introduced himself as an 18-year-old member of the “hacker groups”. It is not known how reliable this information is. Another alleged attacker who participated in the hacking of the account Ostlund, hiding under the name of Austin. According to the girl, the FBI was able to calculate it in Colorado Springs and “scare it badly,” so he will no longer be involved in theft of accounts. It is difficult to say how true this is, since federal agents rarely tell the press details of the investigations.

 

Read also on ForumDaily:

What happens to the pages in social networks after the death of the user

What you can learn about yourself online and who uses it

Loneliness in the network: the American company sells bots and fake subscribers

How did the Russian factory trolls in the US

How do trolls and bots associated with Russia take advantage of the closure of the US government 

Miscellanea Social Network Instagram Educational program
Subscribe to ForumDaily on Google News

Do you want more important and interesting news about life in the USA and immigration to America? — support us donate! Also subscribe to our page Facebook. Select the “Priority in display” option and read us first. Also, don't forget to subscribe to our РєР ° РЅР ° Р »РІ Telegram  and Instagram- there is a lot of interesting things there. And join thousands of readers ForumDaily New York — there you will find a lot of interesting and positive information about life in the metropolis. 



 
1066 requests in 1,161 seconds.