Florida man has been sentenced to 30 months in prison for stealing nearly $1M in crypto.
A 20-year-old Florida man, Jordan Persad, has been sentenced to 30 months in prison for his involvement in a SIM-swapping ring that stole nearly $1 million in crypto from multiple victims. This sophisticated cybercrime operation targeted individuals’ mobile carriers and email accounts, allowing the criminals to gain unauthorized access to their cryptocurrency holdings. In this article, we will delve into the details of the case, exploring the methods employed by Persad and his co-conspirators, the consequences of their actions, and the broader implications of SIM-swapping scams in the digital age.
The SIM-Swapping Scheme
SIM-swapping is a form of cybercrime in which perpetrators manipulate mobile carriers to reassign a victim’s phone number to a SIM card controlled by the criminal. This provides the scammer with access to text messages containing one-time verification codes sent by various online services, enabling them to reset passwords and take control of the victim’s accounts.
In this case, Persad and his co-conspirators orchestrated a series of attacks between March 2021 and September 2022. Unlike the typical SIM-swapping process, their scheme followed a slightly different order. According to Persad, he first obtained log files containing email address and password combinations. He then accessed victims’ webmail accounts, seized control of the phone numbers associated with their SIM cards, and ultimately raided their cryptocurrency wallets hosted by exchanges.
In his plea agreement, Persad admitted to these actions, describing the unauthorized access to victims’ email accounts and the subsequent takeover of their online cryptocurrency accounts. An example provided in the court documents detailed an incident in which Persad and his co-conspirators transferred approximately $28,000 worth of cryptocurrency from a victim’s account to a wallet controlled by one of the conspirators.
Theft and Distribution of Illicit Proceeds
The SIM-swapping ring managed to steal at least $950,000 from their victims, with Persad himself profiting by approximately $475,000 from the fraudulent activities. The criminals divided the ill-gotten gains among themselves, perpetuating a network of cybercrime.
Recovery of Stolen Funds
While the cybercriminals managed to abscond with a significant sum of money, FBI investigators took action to recover some of the stolen funds. Search warrants executed at Persad’s residence in Orlando resulted in the retrieval of a portion of the stolen cryptocurrency.
Connections to Scattered Spider
The SIM-swapping scam and its timing appear to align with the tactics of a cybercriminal group known as Scattered Spider. This group, comprised of young individuals, initiated their criminal activities with SIM swapping and phishing attacks before expanding into ransomware and extortion. Scattered Spider is associated with AlphV, a ransomware-as-a-service (RaaS) crew, and claimed responsibility for extortion attacks on Caesars Entertainment and MGM Resorts.
Jordan Persad’s sentencing serves as a reminder of the persistent threats posed by cybercriminals in the digital age. SIM-swapping scams, like the one orchestrated by Persad and his co-conspirators, highlight the need for enhanced security measures to protect individuals’ online accounts and digital assets. As cybercrime continues to evolve, law enforcement agencies and security experts must remain vigilant to combat these threats effectively.