Amir Hossein Golshan, 24, from Los Angeles, has been charged with multiple federal crimes related to hacking high-profile Instagram accounts using SIM swapping and extorting their owners.
The man targeted predominately female influencers, obtaining their passwords and bypassing two-factor authentication protection by means of SIM swapping to assume control of their accounts.
SIM swapping is an attack that involves bribing or tricking a mobile carrier agent into porting the victim’s phone number to a new SIM card. By doing so, the attackers receive the two-factor authentication one-time passwords via SMS on their phone, enabling them to access otherwise well-protected accounts.
Next, he changed the account passwords and extorted the victims, demanding several thousands of dollars to give them back access to their accounts. He also attempted to deceive their friends and followers into sending him money while posing as the victim. In some instances, the attacker also coerced victims into sending him sexually explicit videos.
Golshan then allegedly logged into the victims’ social media accounts, impersonated them to their online friends, and requested that the victims’ online friends send him money. Other times, Golshan allegedly extorted the victims for money and sexually explicit chats to return the victims’ social media accounts. – U.S. Dept. of Justice
The ransom demanded by the attacker in one confirmed case was $5,000, while the amount he collected by defrauding the victim’s contacts in another case reached $15,000.
Apart from this activity, Golshan also defrauded social media users claiming he could provide them with a verified badge on Instagram in exchange for money. Gullible users who believed Golshan’s promise paid him to get verified on the social media platform but got nothing in return.
Golshan was arrested on February 2, 2023, facing six charges concerning wire fraud, unauthorized access to a protected computer, accessing a computer to defraud or obtain value, aggravated identity theft, and threatening to damage a protected computer.
If convicted, Golshan will face a maximum prison sentence of 20 years for wire fraud, five years for hacking, and two years for identity theft.
How to Protect from SIM Swapping
SIM swapping is a threat to all users, especially those who draw attention with high-profile, valuable social media accounts or by flaunting digital asset holdings.
While the attack takes place entirely without the victim’s involvement, there are still things that account owners can do to minimize the chances of falling victim to it.
First, use an authenticator application or a physical security key (pen-drive or smartphone) for two-factor authentication instead of SMS codes sent to a mobile number.
If SMS is the only available option, use a private mobile number exclusively reserved for 2FA, which is not known to the public.
Finally, call your mobile carrier and ask about security options you can activate against unauthorized number porting. Many offer an additional PIN step, notification alerts, port blocking, or customer service verification.
XeBoB
Most carriers around the world don’t and won’t take “sim” swapping seriously. Some just require your date of birth and postal/zip code.
What wasn’t mentioned in the incomplete blog is how these criminals were able to know the phone number, full name, and more, which are required. Typically these influencers (I don’t know any who aren’t corrupt/self-absorbed) must be victims of an email hack or mail theft.
BoBeX
Great article Heinrich!
For anyone who likes podcasts:
https://darknetdiaries.com/episode/112/
It details the criminal activity discussed above.
GL all,