The FBI recently busted a group of criminals that it believes were stealing cryptocurrency and coordinating their efforts through the first-person shooter game Call of Duty.
According to the Chicago Sun-Times, which has seen the court filing in Chicago first-hand, the FBI alleges that the criminals involved stole more than $3.3 million USD in a variety of cryptocurrencies, including Reputation and Ethereum tokens, and that the thieves coerced other Call of Duty players into joining their criminal activities.
Two men from outside of Chicago say that, while using the voice chat in Call of Duty, they met the group of cybercriminals, who were looking to recruit more people into their ranks.
According to the FBI affidavit, both men said they were forced to join in the criminal activities under threat of being SWATed, which is when someone makes a fake criminal report against a target, spurring heavily armed law enforcement to descend upon the target’s house with guns at the ready. This isn’t a mere prank: At best this is a terrifying ordeal for the victim, and at worst it can turn deadly.
The two men who were roped into the group’s schemes were given some basic information about their victims – like names and phone numbers. That’s enough to do a basic search and find publicly available information, including an address. With this information in hand, the men were able to socially engineer phone companies into giving them access to the victim’s cellphone account.
While the affidavit apparently does not explicitly state how this was done, presumably they used this information to pose as the victims and pretend they had lost access to their phone and needed assistance – they could then take over the victim’s phone accounts, akin to SIM swapping.
With phone access in hand, the criminal group could then hack the victim’s cryptocurrency accounts and abscond with the money. In all, the FBI says more than 100 people’s phones were compromised in this fashion, leading to the $3.3 million in cryptocurrency being quickly shuttled from victims to the criminals’ own wallets.
It’s not entirely clear right now how gaining phone access gave these criminals the ability to make off with the cryptocoins, but it sounds similar to a SIM swapping attack, where the attacker doesn’t need physical access to someone’s phone, just access to the person’s account so they can assign the phone number to a phone the attacker has access to.
The two Chicago-area men maintain that they’re victims in all of this themselves, caught up in a criminal scheme against their will. Thus far, though they are named in the affidavit, they have not been charged with any crime by the FBI.