Saturday, January 18, 2025
HomeCyber Attack‘SIM Swapper’ Pleads Guilty For Hacking Instagram User Accounts

‘SIM Swapper’ Pleads Guilty For Hacking Instagram User Accounts

Published on

SIEM as a Service

Follow Us on Google News

A 24-year-old man named Amir Hossein Golshan from Downtown Los Angeles has pleaded guilty for hacking Instagram users’ accounts, using a technique called “SIM swapping” to obtain money fraudulently.

The charges consist of illegally accessing a secured computer to acquire data, a single charge of wire fraud, and another charge of accessing a computer for the purpose of obtaining financial benefits.

According to Attorney, he was taken into federal custody last month due to his criminal activities and violation of the terms of his pretrial release.

He was involved in the theft from April 2019 to February 2023 by executing multiple online schemes to defraud hundreds of users through various online scams and unauthorized intrusions into victims’ digital accounts, including social media account takeovers, Zelle payment fraud, and impersonating Apple support.

Over the course of several years, hundreds of victims have suffered losses amounting to $740,000.

Pleads Guilty to SIM Swapping

SIM swapping and social media account takeovers:

SIM swapping, also called SIM splitting, or sim jacking, is a fraudulent technique used by hackers to gain control of your phone number; with your phone number, hackers can take advantage of two-factor authentication to gain access to your bank accounts, social media accounts.

Golshan used this technique and targeted both account users and their online friends by tricking them into sending him money.

 Zelle merchant fraud:

In 2019, Golshan falsely claimed that he could obtain verified Instagram badges for a user’s teenage daughter and convinced her to send $300 through electronic payment.

 Apple Support fraud and NFT/cryptocurrency theft:

Golshan impersonates to gain access to several victims’ Apple iCloud accounts to steal NFTs, cryptocurrency, and other valuable digital property; by this, he earned between $2,000 and $389,000 each.

Through this incident, he was sentenced to a maximum of 20 years in federal prison for a wire fraud count and 5 years for a computer access count.

Latest articles

Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol

Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured...

AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV

Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific...

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms....

New Tool Unveiled to Scan Hacking Content on Telegram

A Russian software developer, aided by the National Technology Initiative, has introduced a groundbreaking...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Hackers Easily Bypass Active Directory Group Policy to Allow Vulnerable NTLMv1 Auth Protocol

Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured...

AWS Warns of Multiple Vulnerabilities in Amazon WorkSpaces, Amazon AppStream 2.0, & Amazon DCV

Amazon Web Services (AWS) has issued a critical security advisory highlighting vulnerabilities in specific...

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms....