Obby the “Hacker” aka Sim Swapper

November 2nd was a pretty average day, with an average amount of orders and I was enjoying my 6–10PM break I give myself to enjoy spending some time with my kids.

Enter Obby…

Obby was a customer on Coincards.ca, who ordered a $1000 Newegg card but then immediately started demanding a refund even though his transaction was yet to be completed. Worst part was, he didn’t even send enough BTC for his order. Maybe he’s new to Bitcoin? I told him I would get someone to refund it at 10PM, no problem.

Big problem for Obby... First came the tweets,

then the emails to my PERSONAL email address,

then the text messages to my personal phone line. I insisted he must wait…

And this is where things get weird.

Around 9:20PM I noticed a barrage of emails from Google. My account had been accessed by an IP address in Los Angeles (a VPN). I went to grab my cell phone and noticed I had no service.

I knew exactly what happened: I had been attacked via SIM swap.

I immediately called Rogers (who actually had on file that I was a potential target for this attack, so I am clueless as to why they let this happen). The Rogers rep immediately identified that approx 20 minutes before, someone had called in to port my number to a new SIM. He reversed this change and I now had my phone back.

While on the phone, I managed to reset my Gmail password. My Gmail account is actually a legacy Google Apps account which is tied to my own domain. This worked out in my favour, as Gmail gave me the option of using my domain’s DNS to verify that I was indeed the owner of the email addresses.

I immediately changed my password and logged into my Gmail account.

Here is what Obby had time to access:

  • Gmail — Once Obby accessed my Gmail account, he made a few stupid mistakes that verified it was him doing the attack.
    1. He reset my master reset email to use an email from his @obnoxious.eu domain, which is also prominently located on his Twitter account.
  • Dropbox — This is an old account, anything stored on here would be 3–4 years old and probably only be used to sync a few third party services I don’t give a shit about. Any important data is secured elsewhere.

Unfortunately due to an ongoing investigation, I was not able to disclose ALL of my evidence towards Obby.

After the “Hack”

After the hack, Obby started to message me on Twitter again asking for his refund.

The post received a lot of attention from his friends, and was retweeted with all the lol’s.

We have since contacted the authorities, and contacted our lawyers. We have been advised that all further claims on this transaction will need to be conducted through our lawyer.

Obby refuses to meet KYC laws, and will not give us any information to complete his refund. We are open and willing to refund his funds as long as we can complete our due diligence processes.

Until then, his funds are safely held here:
https://blockchain.info/address/3FFWcbVnRh7EFjp9kQ1cguBawSfmUva4dt

I wanted to publish this, as a warning to others and as a “defence” of any scamming claims we face due to this situation.

Vancouverite, kinda. Entrepreneur. Bitcoin Enthusiast. Father of two great kids! CEO of Coincards.com

Mike Olthoff