ResearchBuzz: FirehoseThe Register: SEC SIM-swapper who Googled ‘signs that the FBI is after you’ put behind bars. “An Alabama man who SIM-swapped his way into the SEC’s official X account, enabling a fake ETF announcement that briefly pumped Bitcoin, has been sentenced to 14 months in prison and three years of supervised release. Prior to his conviction and sentencing on Friday, Eric Council Jr., 26, of […]
Hackread.comEric Council Jr., 26, gets 14 months in prison for a 2024 SIM swap that let hackers post a fake Bitcoin #ETF approval from the SEC’s X account.
Read: https://hackread.com/man-sec-bitcoin-hoax-tweet-sentenced-sim-swap-hack/
Kevin Karhan 
@Efani and this is why I don't do #OnlineBanking or #PhoneBanking!
- Not that people haven't tried #SimSwapping against me. They just failed for all the right reasons!
crhoy.comEstafadores pueden tomar el control de su número telefónico y robarle dinero
El Banco Nacional (BN) advirtió este viernes a la población sobre el SIM Swapping, un fraude en el que los delincuentes toman el control de líneas telefónicas para interceptar códigos de verificación y acceder a cuentas bancarias. Este fraude ocurre cuando los delincuentes logran activar un nuevo chip con el número de teléfono de la […]
EfaniNearly 30 security flaws were fixed in Google’s May Pixel update.
But one stands out:
CVE-2025-27363 — an exploit that’s already being used in the wild.
Google didn’t say much about it. No technical breakdown, no specific targets mentioned. Just a short warning: this one’s facing “limited, targeted exploitation.”
And that’s exactly what makes it terrifying.
Because the most dangerous exploits are the ones you never see coming.
They don’t slow your phone down.
They don’t show popups.
They don’t crash your apps.
They just silently unlock access — and wait.
In today’s threat landscape, attackers don’t brute-force their way in. They slip through invisible cracks. A zero-day exploit in your OS can easily be the first move in a chain that ends with a SIM swap, stolen credentials, or even full device takeover.
And once that’s done, everything tied to your phone — email, banking, crypto, cloud access — is suddenly up for grabs.
If you use a Pixel, update now.
If you use any Android, audit your OS version and security patches.
If you care about your privacy, treat these updates like digital vaccines.
The real threat isn’t just in the vulnerability itself.
It’s in the time between discovery and your response.
$38,000… GONE while he was sleeping.
That’s how fast SIM-swapping can destroy your financial life.
In just 3 hours, a hacker took over Justin Chan’s phone number, intercepted his two-factor codes, and emptied his bank and trading accounts. No alarms. No notifications. Just silent access and drained funds.
It didn’t happen because he was careless.
It happened because the attacker exploited a broken system:
- His mobile carrier transferred his number to a new device without proper checks
- His 2FA codes were sent to that new device
- His bank and investment apps trusted that number
This is the $38,000 mistake most people never see coming. Because by the time you realize something is wrong — it’s already too late.
The worst part? Getting the money back was harder than the hack itself.
It took media pressure, endless follow-ups, and months of stress just to get refunded.
Mobile numbers are the new master key — and most people are handing them out unlocked.
If your 2FA is tied to your phone number, it's time to change that.
If your carrier doesn’t lock down your SIM by default, it’s time to upgrade.
And if your bank’s idea of protection is a form letter and a closed case, don’t wait for a wake-up call at 3AM.
AlfredDigitalisering kan best voordelen hebben, maar heeft ook een boel nadelen. Nu lees ik weer over #simswapping
https://www.ad.nl/tech/sim-swapping-dieven-stelen-je-telefoonnummer-en-je-crypto~a1e65571/
ITSEC NewsAlleged ‘Scattered Spider’ Member Extradited to U.S. - A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider... https://krebsonsecurity.com/2025/04/alleged-scattered-spider-member-extradited-to-u-s/ #tylerrobertbuchanan #neer-do-wellnews #alittlesunshine #scatteredspider #ahmedelbadawy #simswapping #evansosiebo #ransomware #joelevans #mailchimp #noahurban #doordash #group-ib #lastpass #0ktapus #caesars #twilio #tylerb #okta #mgm
KrebsOnSecurity RSSAlleged ‘Scattered Spider’ Member Extradited to U.S.
https://krebsonsecurity.com/2025/04/alleged-scattered-spider-member-extradited-to-u-s/
#TylerRobertBuchanan #Ne'er-Do-WellNews #ALittleSunshine #ScatteredSpider #AhmedElbadawy #SIMSwapping #EvansOsiebo #SIMswapping #Ransomware #ransomware #JoelEvans #Mailchimp #NoahUrban #DoorDash #Group-IB #lastpass #0ktapus #Caesars #Twilio #Tylerb #Okta #MGM
Dissent Doe 
Noah Urban, aka "King Bob" and a suspected member of Scattered Spider, pleaded guilty this week in a case involving wire fraud, cryptocurrency theft, phishing, and simswapping. He had cases against him in Florida and California. Other people indicted with him have yet to be tried or to make plea deals, and one young man from Scotland has been detained in Spain pending determination of extradition request (I haven't found any update on the extradition case).
or jump directly to Urban's plea agreement:
https://storage.courtlistener.com/recap/gov.uscourts.flmd.422789/gov.uscourts.flmd.422789.66.0.pdf
#wirefraud, #cryptocurrency, #phishing, #simswapping, #identitytheft