#ScatteredSpider hacker Noah Michael Urban sentenced to 10 years in prison and ordered to pay $13 million after #SIMSwapping and phishing scam related crimes.
Read: https://hackread.com/scattered-spider-hacker-noah-michael-urban-jailed/
#SimSwapping
SIM-Swapper, Scattered Spider Hacker Gets 10 Years - A 20-year-old Florida man at the center of a prolific cybercrime group known as “S... https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/ #judgeharveye.schlesinger #neer-do-wellnews #noahmichaelurban #scatteredspider #news4jax.com #scatterswine #simswapping #mailchimp #starfraud #doordash #lastpass #t-mobile #kingbob #oktapus #unc3944 #thecom #twilio #plex #sosa
SIM-Swapper, Scattered Spider Hacker Gets 10 Years
https://krebsonsecurity.com/2025/08/sim-swapper-scattered-spider-hacker-gets-10-years/
#JudgeHarveyE.Schlesinger #Ne'er-Do-WellNews #NoahMichaelUrban #ScatteredSpider #News4Jax.com #ScatterSwine #SIMSwapping #Mailchimp #StarFraud #DoorDash #lastpass #T-Mobile #KingBob #Oktapus #UNC3944 #TheCom #Twilio #Plex #Sosa
Reconnaissance faciale & vérifications d'empreintes digitales, le nouveau système de vérification biométrique en quasi temps réel conçu par 🇬🇧 Vigilate AI se généralisera à tous les points de vente MTN Afrique du Sud. #telecom #stores #customers #services #citizens #digital #identity #marketplace #surveillance #ai #technologies #systems #biometrics #idtheft #scams #mobile #phone #frauds #solutions #escroqueries #threats #arnaques #simswapping [ https://www.itweb.co.za/article/mtn-sa-launches-real-time-biometric-id-in-all-stores/lwrKxq3Y95b7mg1o ] #informatique
MTN South Africa has announced the full-scale deployment of a digital ID system, with real-time biometrics, on any device across all MTN stores nationwide.
Because physical SIMs, like any "cryptographic chipcard" (i.e. @nitrokey ) did all that fancy public/private crypto on silicon and unless that was compromizeable (which AFAICT always necessistated physical access to the #SIM, espechally in pre-#OMAPI devices) the SIM wasn't 'cloneable' and the weakest link always had been the #MNO /.#MVNO issueing (may it be through #SocialHacking employees into #SimSwapping or LEAs showng up with a warrant and demanding "#LawfulInterception"):
- These "attack vectors" were known and whilst unfixable they could at least be mitigated by i.e. NEVER using a #PhoneNumber for anything and/or using anonymously obtained #SIMs. But more and more services like @signalapp did #regression demanding #PII and more and more nations criminalized #AnonymousSimCards under utterly #cyberfacist & #FalsePretenses!
Add to that the regression in flexibility:
Unlike a #SimCard which was designed as a vendor-independent, #MultiVendor, #MultiProvider, device agnostic unit to facilitate the the #authentification and #encryption in #GSM (and successor standards), #eSIMs act to restrict #DeviceFreedom and #ConsumerChoice, which with shit like #KYC per #IMEI (i.e. #Turkey demands it after 90 days of roaming per year) und #lMEI-based #Allowlisting (see #Australia's shitty #VoLTE + #2G & #3G shutdown!) are just acts to clamp down on #privacy and #security.
- And with #EID being unique per #eSIM (like the #IMEI on top!) there's nothing stopping #cyberfacist regimes like "P.R." #China, #Russia, #Iran, ... from banning "#eSIMcards" (#eSIM in SIM card form factor) or entire device prefixes (i.e. all phones that are supported by @GrapheneOS ), as M(V)NOs see the EID used to deploy/activate a profile (obviously they don't want people to activate eSIMs more than once, unless explicitly allowed otherwise.
"[…] [Technologies] must always be evaluated for their ability to oppress. […]
- Dan Olson
And now you know why I consider a #smartphone with eSIM instead of two SIM slots not as a real #DualSIM device because it restricts my ability to freely move devices.
- And whilst German Courts reaffirmed §77 TKG (Telco Law)'s mandate to letting people choose their devices freely, (by declarong #fees for reissue of eSIMs illegal) that is only enforceable towards M(V)NOs who are in #Germany, so 'good luck' trying to enforce that against some overseas roaming provider.
Thus #Impersonation attacks in GSM-based networks are easier than ever before which in the age of more skilled than ever #Cybercriminals and #Cyberterrorists (i.e. #NSA & #Roskomnadnozr) puts espechally the average #TechIlliterate User at risk.
- I mean, anyone else remember the #Kiddies that fucked around with #CIA director #Brennan? Those were just using their "weapons-grade #boredom", not being effective, for-profit cyber criminals!
And then think about those who don't have privilegued access to protection by their government, but rather "privilegued access" to prosecution by the state because their very existance is criminalized...
The only advantage eSIMs broight in contrast is 'logistical' convenience because it's mostly a #QRcode and that's just a way to avoid typos on a cryptic #LocalProfileAgent link.
𒐫Tipp Nummer 4: besitze keine Kreditkarte Tipp Nummer 5: zahle deine Miete / Kredite und behalte niemals mehr als du brauchst auf deinem Konto. Sichere alles was du dir sparst Zuhause iwo. Nicht nur wegen hacmini sondern auch wegen den Banken. Falls es mal Stromausfälle geben sollte wie in Spanien oder Portugal für eine längere Zeit oder im schlimmsten Fall ein Krieg bricht aus, ist dein Erspartes futsch. Ja hört sich extrem an aber gehe auf Nummer sicher. Man weis nie 😅𒐫 #simswapping https://m.youtube.com/watch?v=-V75SujMTzg&pp=0gcJCfwAo7VqN5tD #simswapping
AT&T rolls out Account Lock to stop SIM swappers - because apparently "please don't steal my phone number" wasn't clear enough the first time. 📱🔒
SIM swapping = criminals hijack your number to intercept 2FA codes. AT&T joins T-Mobile, Verizon & Google Fi in offering this protection.
The Register: SEC SIM-swapper who Googled ‘signs that the FBI is after you’ put behind bars. “An Alabama man who SIM-swapped his way into the SEC’s official X account, enabling a fake ETF announcement that briefly pumped Bitcoin, has been sentenced to 14 months in prison and three years of supervised release. Prior to his conviction and sentencing on Friday, Eric Council Jr., 26, of […]
Eric Council Jr., 26, gets 14 months in prison for a 2024 SIM swap that let hackers post a fake Bitcoin #ETF approval from the SEC’s X account.
Read: https://hackread.com/man-sec-bitcoin-hoax-tweet-sentenced-sim-swap-hack/
@Efani and this is why I don't do #OnlineBanking or #PhoneBanking!
- Not that people haven't tried #SimSwapping against me. They just failed for all the right reasons!
Estafadores pueden tomar el control de su número telefónico y robarle dinero
El Banco Nacional (BN) advirtió este viernes a la población sobre el SIM Swapping, un fraude en el que los delincuentes toman el control de líneas telefónicas para interceptar códigos de verificación y acceder a cuentas bancarias. Este fraude ocurre cuando los delincuentes logran activar un nuevo chip con el número de teléfono de la […]
Nearly 30 security flaws were fixed in Google’s May Pixel update.
But one stands out:
CVE-2025-27363 — an exploit that’s already being used in the wild.
Google didn’t say much about it. No technical breakdown, no specific targets mentioned. Just a short warning: this one’s facing “limited, targeted exploitation.”
And that’s exactly what makes it terrifying.
Because the most dangerous exploits are the ones you never see coming.
They don’t slow your phone down.
They don’t show popups.
They don’t crash your apps.
They just silently unlock access — and wait.
In today’s threat landscape, attackers don’t brute-force their way in. They slip through invisible cracks. A zero-day exploit in your OS can easily be the first move in a chain that ends with a SIM swap, stolen credentials, or even full device takeover.
And once that’s done, everything tied to your phone — email, banking, crypto, cloud access — is suddenly up for grabs.
If you use a Pixel, update now.
If you use any Android, audit your OS version and security patches.
If you care about your privacy, treat these updates like digital vaccines.
The real threat isn’t just in the vulnerability itself.
It’s in the time between discovery and your response.
$38,000… GONE while he was sleeping.
That’s how fast SIM-swapping can destroy your financial life.
In just 3 hours, a hacker took over Justin Chan’s phone number, intercepted his two-factor codes, and emptied his bank and trading accounts. No alarms. No notifications. Just silent access and drained funds.
It didn’t happen because he was careless.
It happened because the attacker exploited a broken system:
- His mobile carrier transferred his number to a new device without proper checks
- His 2FA codes were sent to that new device
- His bank and investment apps trusted that number
This is the $38,000 mistake most people never see coming. Because by the time you realize something is wrong — it’s already too late.
The worst part? Getting the money back was harder than the hack itself.
It took media pressure, endless follow-ups, and months of stress just to get refunded.
Mobile numbers are the new master key — and most people are handing them out unlocked.
If your 2FA is tied to your phone number, it's time to change that.
If your carrier doesn’t lock down your SIM by default, it’s time to upgrade.
And if your bank’s idea of protection is a form letter and a closed case, don’t wait for a wake-up call at 3AM.
Digitalisering kan best voordelen hebben, maar heeft ook een boel nadelen. Nu lees ik weer over #simswapping
https://www.ad.nl/tech/sim-swapping-dieven-stelen-je-telefoonnummer-en-je-crypto~a1e65571/
Alleged ‘Scattered Spider’ Member Extradited to U.S. - A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider... https://krebsonsecurity.com/2025/04/alleged-scattered-spider-member-extradited-to-u-s/ #tylerrobertbuchanan #neer-do-wellnews #alittlesunshine #scatteredspider #ahmedelbadawy #simswapping #evansosiebo #ransomware #joelevans #mailchimp #noahurban #doordash #group-ib #lastpass #0ktapus #caesars #twilio #tylerb #okta #mgm
Alleged ‘Scattered Spider’ Member Extradited to U.S.
https://krebsonsecurity.com/2025/04/alleged-scattered-spider-member-extradited-to-u-s/
#TylerRobertBuchanan #Ne'er-Do-WellNews #ALittleSunshine #ScatteredSpider #AhmedElbadawy #SIMSwapping #EvansOsiebo #SIMswapping #Ransomware #ransomware #JoelEvans #Mailchimp #NoahUrban #DoorDash #Group-IB #lastpass #0ktapus #Caesars #Twilio #Tylerb #Okta #MGM
Noah Urban, aka "King Bob" and a suspected member of Scattered Spider, pleaded guilty this week in a case involving wire fraud, cryptocurrency theft, phishing, and simswapping. He had cases against him in Florida and California. Other people indicted with him have yet to be tried or to make plea deals, and one young man from Scotland has been detained in Spain pending determination of extradition request (I haven't found any update on the extradition case).
or jump directly to Urban's plea agreement:
https://storage.courtlistener.com/recap/gov.uscourts.flmd.422789/gov.uscourts.flmd.422789.66.0.pdf
#wirefraud, #cryptocurrency, #phishing, #simswapping, #identitytheft
Schluss mit SMS-Codes: Google ersetzt Authentifizierung bei Gmail durch QR-Codes
Google hat angekündigt, die SMS-basierte Zwei-Faktor-Authentifizierung (2FA) bei Gmail durch QR-Codes zu ersetzen. Mit dieser Änderung verfol
https://www.apfeltalk.de/magazin/news/schluss-mit-sms-codes-google-ersetzt-authentifizierung-bei-gmail-durch-qr-codes/
#News #Services #Authentifizierung #Gmail #Google #Kontoschutz #Phishing #QRCode #Sicherheit #SIMSwapping #SMSCodesAblsen #ZweiFaktorAuthentifizierung
The Register: Man who SIM-swapped the SEC’s X account pleads guilty. “An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission’s (SEC) X account in January last year. Twenty-five-year-old Eric Council Jr was charged with the offense in October and the Justice Department said at the time he was part of a group who attempted to manipulate […]
https://rbfirehose.com/2025/02/12/the-register-man-who-sim-swapped-the-secs-x-account-pleads-guilty/
Sutel ordena a Claro indemnizar por ₡6 millones a víctima de SIM swapping
Delincuentes utilizaron cédula falsa para que tramitar una reposición de SIM ante la empresa de telecomunicaciones y luego lo utilizaron para obtener acceso a cuentas bancarias.
La entrada Sut [...]
#AdrianaRojasRivero #Aprodeco #AsociaciónProDefensaAlConsumidor #Ciberdelincuencia #Claro #Delincuencia #Estafa #Fraude #País #SIM #SUTEL #SimSwapping #SuperintendenciaDeTelecomunicaciones #ÚltimaHora
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst