Kraken ETH SIM Swap Jeremiah Nichol
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
Jeremiah Nichol was a victim of SIM swapping hacking. In August 2017, he lost 41 ether in a cryptocurrency exchange due to a hacking incident that lasted less than 30 minutes. Despite having two-factor authentication (2FA) issues, he learned his lesson. In November 2018, he experienced another attack, where hackers compromised his email and exchange accounts, causing him significant losses. Joel Ortiz, a college student with tech skills, was convicted in the Santa Clara County, California, becoming the first person convicted for SIM swapping.
This exchange or platform is based in United States, or the incident targeted people primarily in United States.[1][2][3][4][5][6][7][8][9][10][11]
About Kraken
Jeremiah Nichol was a victim of SIM swapping hacking. He was hacked in August 2017, losing 41 ether in a crypto exchange. Despite implementing two-factor authentication, he fell victim to another attack in November 2018, where hackers compromised his email accounts and exchange accounts, causing him to lose thousands. Joel Ortiz, a former college student with a background in technology and a penchant for flaunting wealth, was convicted for his involvement in SIM swapping crimes. He accepted a plea deal in Santa Clara County, California, becoming the first person to be convicted for SIM swapping. Jeremiah Nichol concluded with empathy and well-wishes for Ortiz's rehabilitation and personal growth.
Jeremiah Nichol was a victim of SIM swapping hacking.
In August 2017, he fell victim to a SIM swap attack where hackers gained access to his personal email accounts and a cryptocurrency exchange, stealing 41 ether from him. The entire hacking process and loss of funds took less than 30 minutes.
Jeremiah explains that he was a victim of a hacking incident. His email account, which lacked two-factor authentication (2FA), was compromised. The hackers gained access to one of his cryptocurrency exchange accounts and stole 41.1 Ether. Despite being aware of the importance of 2FA, he had trouble setting it up quickly, as he was not very technically savvy.
Jeremiah reported the hacking incident to the FBI. He mentioned that the hackers had a static IP address from Grandview, Missouri. However, he had not received any response from law enforcement, which led him to believe that his case might not be a high priority for them.
Despite losing cryptocurrency in the first attack, Nichol did not realize the extent of the breach until February 2018 when he discovered that his senior-level Bitcoin Talk account had been sold to a company called Open Platform. This company was involved in promoting an illegal Initial Coin Offering (ICO).
On November 28, 2018, while on a walk with his wife, Nichol received notifications of password changes to his email account, which triggered a sense of panic and dread, reminiscent of his earlier hacking experience.
As he rushed back home, he noticed that multiple accounts were compromised, including his email and cryptocurrency exchange accounts. Attackers had control over his phone, enabling them to change passwords, facilitate withdrawals, and disable security features.
When contacting AT&T for assistance, they informed him that his phone had been activated elsewhere with a photo ID, which he had not done.
In desperation, Nichol attempted to communicate with the hacker through his last remaining account, asking why they were targeting him. The hacker responded with a demand for cryptocurrency.
"Ortiz was a University of Massachusetts college student at the time of his arrest. Prior to attending UMass, he attended Boston Public schools where he graduated as the valedictorian.
The Boston Globe reported that Ortiz developed a passion for technology which was later nurtured at the Boston Pilot School Another Course to College. There, Ortiz was a robotics team leader. He was planning on majoring in information technology at UMass."
"Ortiz was reportedly a fan of flaunting his money. He often wore designer clothing and rented mansions in Los Angeles. He was arrested while trying to fly out of the Los Angeles airport to go to an EDM festival in Belgium. New York Post reported he was dressed head-to-toe in Gucci at the time."
Asked by deputy district attorney.
"Joel Ortiz accepted the plea deal last week, Erin West, the Deputy District Attorney in Santa Clara County, California, told Motherboard during a meeting on Thursday. The authorities believe Ortiz is the first person to be convicted of a crime for SIM swapping, an increasingly popular and damaging hack. The prosecutors and agents who have been investigating these hacks celebrated the conviction, and said they hope that this will serve as an example for the other alleged criminals who have already been arrested, as well as the ones who have yet to be caught."
Xzavyer Narvaez, who’s accused of stealing around $1 million in Bitcoin; Nicholas Truglia, who’s also accused of stealing millions in Bitcoin; and Joseph Harris, one of the most infamous SIM swappers who allegedly stole more than $14 million in cryptocurrency.
“Each arrest that we made sent shockwaves through that community,” West said. “That they weren’t safe in their basement, they weren't safe in their room in their mom’s house, that they were being tracked down and arrested—one by one.”
West added that “in looking at Joel’s sentence—10 years—it shows that our community will not tolerate this type of crime. And we will continue to find everyone who’s responsible.”
"Almost all these investigations have stemmed from the Regional Enforcement Allied Computer Team or REACT, a task force of multiple local California police departments. Tarazi, an agent at REACT, said that during 2018, they received hundreds of reports of SIM swapping attacks from victims. Those reports, according to him, have now slowed down."
"Jeremiah Nichol wrote a letter addressing Joel Ortiz and anyone else involved in the case. Nichol expressed his anguish and frustration, as well as his efforts to report the crimes to authorities and seek justice. He acknowledged the apprehension of Joel Ortiz and expressed hope that Ortiz could use his talents for productive purposes in the future. Nichol concluded with empathy and well-wishes for Ortiz's rehabilitation and personal growth."
This exchange or platform is based in United States, or the incident targeted people primarily in United States.
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Include:
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
Don't Include:
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
The Reality
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| August 17th, 2017 | Sim Swap | Jeremiah Nichol is sim swapped. |
| September 22nd, 2017 6:54:00 AM MDT | YouTube Video | Jeremiah Nichol outlines his hacking experience. |
| April 3rd, 2019 3:43:00 PM MDT | Letter Published | Jeremiah Nichol publishes his letter to Joel Ortiz. |
Technical Details
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?
Total Amount Lost
The total amount lost has been estimated at $12,000 USD.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
The total amount recovered is unknown.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ From Hacking $4.1 Million to Prison | The IRL Money Doubler - YouTube (Jun 19, 2023)
- ↑ From Hacking $4.1 Million to Prison | The IRL Money Doubler - YouTube (Jul 12, 2023)
- ↑ Hacker Who Stole $5 Million By SIM Swapping Gets 10 Years in Prison (Oct 24, 2022)
- ↑ Alleged 19-Year-Old SIM Swapper Used Stolen Bitcoin to Buy Luxury Cars (Oct 24, 2022)
- ↑ Man hacked into Silicon Valley execs’ phones to steal cryptocurrency: cops (Oct 24, 2022)
- ↑ Cops Arrest Infamous SIM Swapper Who Allegedly Stole $14 Million in Cryptocurrency (Oct 24, 2022)
- ↑ A Letter to Sim Swap Hacker Joel Ortiz - Sentenced to 10 Years Prison for $7M Crytpo Hack - YouTube (Oct 24, 2022)
- ↑ Sim Swapping Crypto Thief Lands 10 Years in Jail - Bitstarz News (Sep 11, 2023)
- ↑ https://coinmarketcap.com/currencies/ethereum/historical-data/ (Dec 21, 2021)
- ↑ @prodjkc Twitter (Sep 11, 2023)
- ↑ My Kraken account was hacked. My story. Don't do anything other than 2FA. Duh! 41 ETH Gone. - YouTube (Sep 11, 2023)