A former sales representative of a mobile carrier has been sentenced after accepting bribes to perform SIM-swapping attacks. 

This week, the US Department of Justice (DoJ) said that Stephen Defiore, a Florida resident, accepted “multiple bribes” of up to $500 per day to perform the switches required to reroute phone numbers in SIM-swapping. SIM-swapping is quickly becoming a serious issue for telecommunications firms — made worse when employees, who have access to internal systems — are involved.  These attacks require either internal help or the use of social engineering to convince a carrier to reroute calls and text messages from one handset to another. SIM-swapping is often performed to circumvent security controls including two-factor authentication (2FA) and to compromise accounts for services including banking and cryptocurrency wallets.  The victims may only have a small window of time to rectify the situation once they realize that phone calls and messages are not being received — but by the time they reach their service provider, attackers may have already secured the second-level security codes required to hijack other accounts.  Rather than go through the effort of obtaining enough information on a target to successfully manage to pretend to be the victim on a phone call, some attackers try to recruit insider help.  In this case, between 2017 and 2018, Defiore was a sales representative for an unnamed carrier. 

The 36-year-old accepted bribes of roughly $500 to perform SIM-swapping on behalf of someone else. For each case, he would be sent a phone number, a four-digit PIN, and a SIM card number to be swapped with the victim’s handset details.  At least 19 customers were targeted and prosecutors estimate that the employee received $2,325 in bribes.  Following his arrest, Defiore pleaded guilty to one count of conspiracy to commit wire fraud.  US Attorney Duane Evans said that Defiore was sentenced on October 19 and will serve three months probation, a year of home confinement, and must perform 100 hours of community service.  The SIM-swapper must also pay a $100 fee and $77,417.50 in restitution.  Last year, Europol took down a massive SIM-swapping ring responsible for the theft of millions of euros. Operations Quinientos Dusim and Smart Cash combined law enforcement from multiple countries in the region, leading to multiple arrests.  Previous and related coverage Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More

Image: iStock Taiwan’s Ministry of Interior is indefinitely delaying the rollout of electronic ID cards due to COVID-19. The card, featuring an embedded chip, was scheduled to begin replacing the island’s existing ID cards in October. It would allow for digital signatures, anti-forgery capabilities, and other applications that could be built on top of it, […] More

Most smartphone companies hold out for MWC in February, but this year, Motorola’s jumping ahead of the game, announcing its ThinkPhone during CES. ZDNET Tech Editor June Wan got a first-hand look at this 6.6-inch OLED device.Check out his thoughts here. More

Colonial Pipeline, the operator of the one of the largest pipelines in the United States for refined petroleum products, Wednesday evening said it restarted operations that had been interrupted by a ransomware attack May 7th.  “Colonial Pipeline initiated the restart of pipeline operations today at approximately 5 p.m. ET.,” said the company in a posting on its Web page that has provided updates since Saturday.  Said Colonial, “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period. Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.” Also: Colonial Pipeline attack: Everything you need to know  Colonial first announced Saturday that it proactively shut down operations after being infiltrated by ransomware software that encrypted the company’s files.  The pipeline provides roughly 45% of the East Coast’s fuel. In days following the attack, stocks of gasoline have run out across swatches of the Eastern U.S. seaboard, in states such as North Carolina and Virginia, prompting panic buying by motorists.  Law enforcement and security specialists quickly pointed to the underworld organization DarkSide as the source of the ransomware code used, and DarkSide subsequently claimed responsibilty for the attack. DarkSide operates as a “ransomware-as-a-service” cloud computing business. 

Also: DarkSide explained: The ransomware group responsible for Colonial Pipeline cyberattack Security firm FireEye has documented the nature of the DarkSide code based on a forensic analysis of the exploit, and groups that appear to have been participating in the attack uisng the code.Also Wednesday, The White House announced U.S. President Joe Biden signed an executive order calling for a number of measures to “improve the nation’s cybersecurity and protect federal government networks.”

Tech Earnings More

Zero Creatives/Getty Images Microsoft really, really, really doesn’t want you to upgrade your old Windows 10 PC to Windows 11.  That’s the logic behind the strict hardware compatibility requirements the company imposed when it launched the new operating system in 2021. If you try to install Windows 11 on a computer with a CPU from […] More