A Massachusetts man has pleaded guilty to running a scheme to take over people’s social media accounts and steal hundreds of thousands of dollars in cryptocurrency, the Department of Justice (DOJ) said.
Eric Meiggs, 23, of Brockton, admitted that he and one or more co-conspirators used an illegal practice known as “SIM-swapping” to obtain login credentials for the social media accounts of his victims, exploiting them to steal or try to steal over half a million dollars in cryptocurrency, the Justice Department said in a statement on Thursday.
Meiggs and his accomplices targeted people who they believed held significant amounts of cryptocurrency and “those who had high value or ‘OG’ (slang for ‘original gangster’) social media account names,” the statement said.
The scam involved convincing the victims’ cellphone carrier to reassign their phone number from the SIM card of the victim to a SIM card in a phone controlled by Meiggs and his co-conspirators. They would would then pose as the victims when contacting online account providers to reset log-in credentials, using those to “hack into” the accounts.
“Using an illegal practice known as ‘SIM-swapping,’ Meiggs and others conspired to hack into and take control of these victims’ online accounts to obtain things of value, including OG social media account names and cryptocurrency,” the statement said.
At least 10 people fell prey to the hustle, the DOJ said.
“Members of the conspiracy stole, or attempted to steal, more than $530,000 in cryptocurrency from these victims. Meiggs also took control of two victims’ ‘OG’ accounts with social media companies,” the statement said.
Meiggs pleaded guilty to seven counts, including conspiracy, wire fraud, computer fraud and abuse, and aggravated identity theft—crimes for which he faces a mandatory minimum sentence of two years in jail. He is scheduled to be sentenced on Sept. 15.
In a related case that made national headlines, an 18-year-old Florida teenager was sentenced to three years behind bars for a scam that used hacked celebrity Twitter accounts—including of President Joe Biden, Bill Gates, and Elon Musk—to dupe ordinary people out of their money.
The perpetrator in the case, Graham Clark, reached a deal with prosecutors, under which he pleaded guilty to 30 counts—including organized fraud and fraudulent use of personal information—and will serve three years in a juvenile facility, the state attorney’s office said in March.
The scam involved Clark taking over a number of high-profile Twitter accounts after persuading a Twitter employee that he worked in the company’s IT department, according to the Tampa Bay Times.
Once Clark accessed the accounts, he shared a link to a bitcoin address on Twitter and wrote, “all bitcoin sent to our address below will be sent back to you doubled!” prompting a number of people to send in cryptocurrency in hopes of a quick profit.
“Instead Clark kept the money,” the state attorney’s office wrote, adding that the so-called Bit-Con grift netted him more than $117,440. The money was seized by law enforcement and is expected to be returned to the rightful owners.
The incident represented an embarrassing security breach for Twitter, which was forced to suspend all verified accounts from sending tweets for several hours while it scrambled to secure the platform.