Massachusetts Offenders Get Light Prison Sentence for SIM-Swapping, Crypto Robbing, Death Threats

Two Massachusetts men were given light sentences this week over an elaborate scheme involving cryptocurrency theft, SIM-swapping, computer hacking, and death threats.

24-year-old Eric Meiggs and 22-year-old Declan Harrington were sentenced to just two years behind bars “for an extensive scheme to take over victims’ social media accounts and steal their cryptocurrency using techniques such as ‘SIM swapping,’ computer hacking, and other methods,” according to the US Department of Justice.

But older court documents say that’s not all they did during the operation. When the duo were arrested and charged by the Boston U.S. District Court in 2019, Meiggs also allegedly threatened to kill a victim's spouse in a bid to take over their Instagram account.

“On or about, November 30, 2015, Meiggs called Victim 8 and threatened to kill Victim 8's wife if Victim 8 did not give up the Instagram handle,” court documents explicitly say. “On or about December 2, 2015, Victim 8 complied with Meiggs’ demands and changed the profile name on his account, which in turn allowed Meiggs to control the victim's profile name.”

The two had initially faced a statutory maximum penalty of 20 years, but that sentence has been considerably reduced to just two years in prison for each.

The perps allegedly targeted high-profile individuals, such as executives of cryptocurrency companies and ‘Original Gangster’ social media account names.

“Meiggs and Harrington conspired to hack into and take control over these victims’ online accounts so they could obtain things of value, such as cryptocurrency,” the DOJ says.

They used SIM-swapping to port the victim’s phone number to a new SIM card, then pose as the victim with an online account provider and request that the provider send account password-reset links or an authentication code to the SIM-swapped device.

“The cybercriminals can then reset the victim’s account log-in credentials and use the log-in credentials to access the victim’s account without authorization, or ‘hack into’ the account,” the DOJ explains.

The two allegedly stole approximately $330,000 in cryptocurrency from at least 10 identified victims.