A cross-border investigation has led to the arrest of a teenager in Canada suspected of a cryptocurrency theft of more than $36 million US from a single person. Officials called it the largest cryptocurrency scam involving one person in Canadian history, CTV News reports. Police did not release the age of the suspect but said he's from Hamilton, Ontario, and was arrested midway through last year. The investigation included the FBI and US Secret Service.
The method used in the US theft was a SIM swap attack, investigators said, in which thieves intercept two-factor authentication requests going through cellular networks. Investigators found that "some of the stolen cryptocurrency was used to purchase an online username that was considered to be rare in the gaming community," police said in a statement. "This transaction led investigators to uncover the account holder of the rare username."
Police suggested vigilance in protecting currency of any type, per CTV News. "If you have 15 accounts all with the same password, you're definitely not secure," said Detective Constable Kenneth Kirkpatrick. "So having different passwords for each different account, that's very important." Multifactor authentication still is central to protecting data and money, he said. Accounts often can add a factor, making for two- or three-step authentication, Kirkpatrick said. "In today's day and age, you need to kind of go one step further," he said. (More cryptocurrency stories.)