With the trick of intercepting the victim’s mobile phone SIM, Joel Ortiz, a college student living separately from society, appropriated millions of dollars worth of cryptocurrency.
In May 2018, Darren Marble was attending a cryptocurrency conference in New York when he found himself the victim of a new form of crime, causing heavy financial damage.
Sophisticated methods of crime
The first sign that something is wrong is when Marble, a streaming film producer, has a problem with his mobile phone. He can’t connect to email or send messages.
That night, when he returned to his hotel room, logged into the Wi-Fi network and learned more, his fears became a reality. Marble’s crypto wallet has been drained. “I lost $100,000 in cryptocurrency. I always thought to myself, ‘This is not real,'” Marble recalled feeling at the time.
Marble calls his wife in a panic, feeling hopeless and embarrassed to explain what happened. When the money disappeared, he could see it transferred to someone else’s wallet, but he couldn’t know who those wallets belonged to, because the basic nature of cryptocurrencies is anonymity.
Darren Marble lost all his cryptocurrency after being hacked by SIM swapping. Photo: VICE.
“I just remember that I had a feeling of disappointment in my heart. I felt guilty, ashamed, naïve and embarrassed,” he said. “Then I wondered, ‘What’s going to happen next?’ Who will you call when you get hacked?”
Marble is one of the victims of a growing new form of cybercrime called “SIM swapping”, which involves major cryptocurrency thefts, causing millions of dollars in damages.
This technique involves hackers tricking or bribing mobile network employees to redirect the victim’s phone number to another phone number, giving them access to all the victim’s calls and messages, allowing the hacker to reset the password, and finally wiping out the data in the victim’s account.
Thief Portrait
The hacker who had the phone used to steal Marble’s cryptocurrency was Joel Ortiz, an 18-year-old college student who stole more than $7.5 million from his mother’s apartment in Boston in this way.
Ortiz, a socially segregated teenager who only interacts via the Internet, has squandered large sums of money stolen from crypto investors into a lavish lifestyle, far from the simple childhood of a single immigrant mother with disabilities.
The story of Ortiz’s remarkable wave of crime and the team of investigators who brought him to justice is told in The Crypto Bandit – a new documentary in VICE’s Cowboy Kings of Crypto series.
“Ortiz is a smart guy,” said Erin West, deputy district attorney for Santa Clara, California, where Ortiz was charged and became the first person convicted of “SIM swapping” in the United States.
Ortiz is the main character in the documentary The Crytpo Bandit. Photo: VICE.
“He graduated as valedictorian of his class and received a scholarship to UMass. We know that Ortiz has skills that are really useful in this way. He exploited a weakness that I don’t think the rest of the country really thinks much about.”
Using the nickname @0, Ortiz is a member of a group of hackers, teaming up with other hackers to commit crimes. According to investigators, he and others in the gang targeted individuals who publicly invested in cryptocurrencies, making a list of potential wealthy targets in hopes of catching a “whale.”
With a successful mission, Ortiz and his accomplices seem to have won the jackpot. Saswata Basu, the founder of a Silicon Valley-based company that raised capital from the cryptocurrency market, also became a victim of Ortiz.
Like Marble, he found out he had been hacked when his phone appeared with a message about his password being changed. But the scale of the theft from Basu will overshadow Marble’s loss. “There’s a wallet… have been hacked. The amount is about $5 million,” he revealed to VICE.
Ortiz showed off his newfound wealth on social media: bought Gucci clothes and branded goods, rented a luxury mansion in Los Angeles to party.
“If you were an 18-year-old kid and just stole $5 million, what would you do with that money?” said Samy Tarazi, a criminal investigator at the Santa Clara County Prosecutor’s Office.
Tarazi is a member of REACT, an elite task force formed in California to tackle this type of cybercrime. “The answer is always something silly. This guy went from Boston to Hollywood and rented an Airbnb.”
Ortiz’s habit of posting his bohemian lifestyle on social media only helps investigators. Eventually, he was arrested at LAX airport, as he was about to board a flight to Europe.
In April 2019, Ortiz was sentenced to 10 years in prison after failing to appeal eight counts of identity theft and computer crime. He is currently serving his sentence at Centinela Prison in California and is expected to be released in 2028.
Difficult to deal with consequences
According to VICE, the majority of the stolen cryptocurrency, amounting to millions of dollars, has yet to be found. Hacker groups have “washed up” in different ways, almost impossible to trace.
After stealing millions of dollars, Ortiz spent his life in luxury. Photo: VICE.
For Marble, there was an unexpected glimmer of hope. Shortly after the theft, he received an email from the Supreme Court of Ireland, informing him that one of Ortiz’s accomplices – a Dublin-based hacker named Conor Freeman – had been arrested and that his stolen money had been recovered.
Freeman was sentenced in November 2020 to two years and 11 months in prison.
“It was another unbelievable moment,” said Marble, who was given back $90,000 in stolen cryptocurrency. “Basically, I was healed right away.”
But most victims are not so lucky. Tarazi said the whereabouts of the millions of dollars stolen by the hacker group remained a mystery.
“We don’t know if they gave it to a trusted third party that we haven’t identified, or buried it in some forest and will take it when they get out of prison,” he added.