Crypto SIM-swapping scammer jailed and ordered to pay $945,833 • The Register


A 20-year-old Florida man has been sentenced to 30 months in prison for his role in a SIM card trading ring that stole nearly $1 million in cryptocurrency from dozens of victims.

Jordan Persad, of Orlando, was also ordered to pay $945,833 in restitution. He pleaded guilty to conspiracy to commit computer fraud on May 1.

According to a plea agreement reached with U.S. prosecutors (PDF), between at least March 2021 and September 2022, Persad and his co-conspirators, some of whom he knew only by their online handles, used SIM swapping to siphon funds from their brands.

What’s interesting is that this sort of thing usually involves convincing the victim’s cell phone carrier to reassign the brand’s cell phone number to the SIM card in the scammer’s phone. Once this is done, the criminal can request a password reset for the victim’s various online accounts; unique verification codes contained in text messages to authenticate and change login information are sent to the thief rather than to the victim’s handheld, allowing accounts to be hijacked.

The scammer usually first takes control of a victim’s email via this method, and once in their inbox, resets more account passwords via email (or SMS) until the thief can access things like their victim’s cryptocurrency wallets hosted by exchanges.

In Persad’s case, his process was described in a slightly different order, but not necessarily sequential. In a statement, prosecutors said he “hacked victims’ email accounts, hijacked their cell phone numbers, and gained unauthorized access to their online cryptocurrency accounts.”

And in the plea agreement, Persad said he obtained log files containing people’s email address and password combinations; connected to people’s webmail; took control of the numbers associated with the SIM cards of these brands; then plundered their crypto wallets. It is therefore not quite the same order, even if the result is the same: the money is emptied from the accounts.

“For example, on or about April 4, 2022, my co-conspirators and I accessed, without authorization, an Internet-based cryptocurrency account belonging to JD, a resident of Arizona,” confessed Persad, who was sentenced last week, in a court document. “Under my instructions, one of my co-conspirators transferred approximately $28,000 worth of cryptocurrency from JD’s cryptocurrency account to a cryptocurrency wallet used or controlled by my co-conspirator.”

The crew then shared the illicit profits from the scam.

In total, the scammers stole at least $950,000 from their victims, and Persad claims to have personally hidden about $475,000 from the fraud. According to the U.S. Department of Justice, FBI investigators recovered some of those funds when they executed search warrants at Persad’s Orlando home.

This type of scam, as well as its timing, seems to follow the Scattered Spider playbook. The register asked the U.S. Attorney’s Office in Phoenix, Arizona, which prosecuted the case, whether Persad was connected to the loosely knit group of cybercriminals and did not receive a response.

Scattered spider is the English-speaking gang of teenagers in their twenties, similar to Lapsus$, who began their cybercrime with SIM swapping and email and SMS phishing attacks in 2022 before moving into ransomware and extortion.

The group is now considered a subsidiary of AlphV – AlphV alias Black cat is a ransomware as a service (RaaS) crew – and in September claimed responsibility for extortion attacks against Caesars Entertainment (who paid the ransom) and MGM Resorts (who did not negotiate with the scammers). ®

Leave a comment