Nine Individuals Connected to a Hacking Group Charged With Online Identity Theft and Other Related Charges
Six individuals connected to a hacking group known to its members as “The Community” were charged in a fifteen count indictment unsealed today with conspiracy to commit wire fraud, wire fraud and aggravated identity theft, announced United States Attorney Matthew Schneider. In addition, a criminal complaint was unsealed charging three former employees of mobile phone providers with wire fraud in relation to the conspiracy.
Schneider was joined in the announcement by Acting Special Agent in Charge Angie Salazar of U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) Detroit.
Charged in the indictment were:
Conor Freeman, 20, of Dublin, Ireland
Ricky Handschumacher, 25 of Pasco County, Florida
Colton Jurisic, 20 of, Dubuque, Iowa
Reyad Gafar Abbas, 19, of Rochester, New York
Garrett Endicott, 21, of Warrensburg, Missouri
Ryan Stevenson, 26, of West Haven, Connecticut
Charged in the criminal complaint were:
Jarratt White, 22 of Tucson, Arizona
Robert Jack, 22 of Tucson, Arizona
Fendley Joseph, 28, of Murrietta, California
According to the indictment, the defendants are members of “The Community” and are alleged to have participated in thefts of victims’ identities in order to steal cryptocurrency via a method known as “SIM Hijacking”. Cryptocurrencies, also known as virtual currencies or digital currencies, are online media of exchange. The most famous of these is Bitcoin. Like traditional currency, they act as a store of value and can be exchanged for goods and services. They can also be exchanged for dollars.
“SIM Hijacking” or “SIM Swapping” is an identity theft technique that exploits a common cyber-security weakness – mobile phone numbers. This tactic enabled “The Community” to gain control of victims’ mobile phone number, resulting in the victims’ phone calls and short message service (“SMS”) messages being routed to devices controlled by “The Community”. “SIM Hijacking” was often facilitated by bribing an employee of a mobile phone provider. Other times, SIM Hijacking was accomplished by a member of “The Community” contacting a mobile phone provider’s customer service—posing as the victim—and requesting that the victim’s phone number be swapped to a SIM card (and thus a mobile device) controlled by “The Community”.
The indictment alleges that, once “The Community” had control of a victim’s phone number, the phone number was leveraged as a gateway to gain control of online accounts such as a victim’s email, cloud storage, and cryptocurrency exchange accounts. For example, “The Community” would use their control of victims’ phone numbers to reset passwords on online accounts and/or request two-factor authentication (2FA) codes that allowed them to bypass security measures.
The members of “The Community” charged in the indictment endeavored to gain control of victims’ cryptocurrency wallets or online cryptocurrency exchange accounts and steal victims’ funds. It is alleged in the indictment that the defendants executed seven attacks that resulted in the theft of cryptocurrency valued at approximately $2,416,352.
According to the criminal complaint, defendants White, Jack and Joseph were employees of mobile phone service providers and helped members of “The Community” steal the identities of subscribers to their employers’ services in exchange for bribes.
“Mobile phones today are not only a means of communication but also a means of identification,” stated United States Attorney Matthew Schneider. “This case should serve as a reminder to all of us to protect our personal and financial information from those who seek to steal it.”
“The allegations against these defendants are the result of a complex cryptocurrency and identity theft investigation led by Homeland Security Investigations, which spanned two continents,” said Salazar. “Increasingly, criminal groups are turning exclusively to web-based schemes to further their illicit activities, which is why HSI has developed capabilities to meet these threats head on.”
If convicted on the charge of conspiracy to commit wire fraud, each defendant faces a statutory maximum penalty of 20 years in prison. The charges of wire fraud each carry a statutory maximum penalty of 20 years in prison. A conviction of aggravated identity theft in support of wire fraud carries a statutory maximum penalty of 2 years in prison to be served consecutively to any sentence imposed on the underlying count of wire fraud.
The defendants in this case are presumed innocent. Indictments and criminal complaints are merely charges and it is the government’s burden to prove guilty beyond a reasonable doubt.
This case was investigated by special agents of Immigration and Customs Enforcement with the assistance of Irish law enforcement authorities. The case is being prosecuted by Assistant United States Attorney Timothy Wyse, assisted by Assistant United States Attorney Shankar Ramamurthy and attorneys from the DOJ Office of International Affairs. Special thanks are due to Assistant United States Attorneys and federal agents across the country that provided assistance with arrests and searches conducted on May 9, 2019.