| 14.1°C Dublin

Irishman (20) facing more than 100 years in US prison for alleged $2.5m cryptocurrency fraud


Stock Image

Stock Image

Stock photo

Stock photo


Stock Image

A 20-year-old Irish man is facing more than 100 years in a US prison for allegedly stealing more than $2 million dollars in Bitcoin and other cryptocurrencies online.

The Irish suspect has been named in a court in Michigan as Conor Freeman (20), from Glenageary Court in south Dublin.

Freeman was arrested at his home yesterday by garda officers and taken before the High Court in Dublin where he was remanded in custody until May 22.

Freeman and five others have been indicted on 15 counts with wire fraud, conspiracy to commit wire fraud and aggravated identity theft.

The indictments relate to seven online attacks that resulted in the theft of cryptocurrency valued at about $2,416,352.

Garda officers from the drugs and organised crime bureau (Docb) and members of the Criminal Assets Bureau have been working closely with US agencies on the case for several weeks. Authorities are now seeking his extradition to face charges in the U.S.

Det Sgt Jim Kirwan, of the garda extradition unit, told the High Court on Thursday that he arrested Mr Freeman at his home address in Dun Laoghaire at approximately 8am that morning, May 9, 2019, and showed him an original warrant. Details of the arrest are being published now.

When asked whether he knew about the allegations, Mr Freeman said “I do,” according to Det Sgt Kirwan.

Mr Justice Donald Binchy remanded Mr Freeman in custody to appear before the High Court on May 22 next, when an application for bail is expected to be made.

During the raid on Freeman's house gardai seized two computers, gaming equipment, mobile phones, passport, a small quantity of drugs, €3,800 in cash, three watches including a Rolex, MK and Fossil and documentation relating to passwords for cryptocurrency electronic wallets.

Gardai had earlier secured a warrant to search the house from Dublin district court under section 74 of the Criminal Justice (Mutual Assistance) Act 2008.

The other defendants are from Florida, Iowa, New York, Missouri and Connecticut.

According to the indictment presented to the court in the eastern district of Michigan, the defendants are members of "The Community" and are alleged to have participated in thefts of victims' identities in order to steal cryptocurrency via a method know as "SIM hijacking".

Cryptocurrencies, also known as virtual currencies or digital currencies, are online media of exchange and the most famous is bitcoin.

Like traditional currency, they act as a store of value and can be exchanged for goods and services. They can also be exchanged for cash.

The indictment was announced by US attorney Matthew Schneider and Angie Salazar, acting special agent in charge, from the US immigration and customs enforcement's homeland security investigations in Detroit.

Daily Digest Newsletter

Get ahead of the day with the morning headlines at 7.30am and Fionnán Sheahan's exclusive take on the day's news every afternoon, with our free daily newsletter.

This field is required

According to a statement issued by Mr Schneider, "SIM hijacking" or "SIM swapping" is an identity theft technique that exploits a common cyber security weakness - mobile phone numbers.

This tactic, he said, enabled "The Community" to gain control of victims' mobile phone numbers, resulting in the victims' phone calls and short message service (SMS) messages being routed to devices controlled by them.

"SIM hijacking" was often facilitated by bribing an employee of a mobile phone provider.

On other occasions, it was carried out by a member of "The Community" contact a mobile phone provider's customer service, posing as a victim, and requesting that the victim's phone number be swapped to a SIM card, and thus a mobile device, controlled by "The Community".

The indictment alleges that when "The Community" gained control of a victim's phone number, it was leveraged as a gateway to secure control of online accounts, such as a victim's email,cloud storage and cryptocurrency exchange accounts.

"The Community" could use their control of victims' phone numbers to reset passwords on online accounts and/or request two-factor authentication (2FA) codes that allowed them to bypass security measures.

The members of "The Community", charged in the indictment, endeavoured to gain control of victims's cryptocurrency wallets or online cryptocurrency exchange accounts and steal victims' funds.

It is alleged in the indictment that the defendants carried out seven attacks that result in the theft of cryptocurrency valued at $2,416,352.

Separate criminal complaint charges allege that three former employees of mobile phone providers, two from Tucson, Arizona and one from Murrietta, California, were involved in wire fraud related to the conspiracy.

They are accused of helping members of "The Community" to steal the identities of subscribers to their employers services, in exchange for bribes.

Mr Schneider said: "Mobile phones today are not only a means of communication but also a means of identification.

"This case should serve as a reminder to all of us to protect our personal and financial information from those who seek to steal it".

Ms Salazar said: "The allegations against these defendants are the result of a complex cryptocurrency and identity theft investigation, led by Homeland Security Investigations (HSI), which spanned two continents.

"Increasingly, criminal groups are turning exclusively to web-based schemes to further their illicit activities, which is why HSI has developed capabilities to meet these threats head on".

If convicted on the charge of conspiracy to commit wire fraud, Freeman and the other defendants face a maximum penalty of 20 years in prison, while wire fraud also carries a maximum penalty of 20 years and aggravated identity theft in support of wire fraud 2 years in prison, to be served consecutively to any sentences imposed for wire fraud.

The US statement said the defendants in the case were presumed innocent. Indictments and criminal complaints were merely charges and it was the government's burden to prove guilty beyond a reasonable doubt.

In May 2018, a member of “The Community” involved in these attacks was arrested in the Eastern District of Michigan. This individual cooperated with US authorities, who gained access to his computers, including records of online chats between this subject and others.

Review of the chats revealed an individual identifying himself as “Conor” who allegedly played a significant role in “numerous attacks” by “The Community”, the warrant states.

US authorities have identified four attacks in which “Conor” participated that resulted in the theft of cryptocurrency valued at $2,187,977, according to the warrant.

Further investigations revealed that “Conor” is Conor Freeman, according to the warrant. It was substantiated by linking IP addresses used by “Conor” to Irish mobile phone and residential internet service providers, it adds.

The first five counts carry a maximum sentence of 20 years in prison per count while the final four counts carry a mandatory minimum sentence of two years in prison, consecutive to the underlying felony.

Most Watched