Just came across something that's a solid reminder of why mobile security matters in crypto. There's this case involving Nicholas Truglia, a guy who ran a SIM-swapping scam targeting crypto investors back in 2018, and the consequences just got way worse for him.

So here's what happened: Truglia used SIM-swapping to compromise Michael Terpin's phone - Terpin's a crypto investor and CEO of Transform Group. By transferring Terpin's phone number to his own SIM card, Truglia was able to intercept authentication messages from exchanges and banks. Pretty straightforward social engineering, but devastatingly effective. He managed to steal $24 million in cryptocurrency from Terpin this way.

Initially, Nick Truglia got hit with 18 months in prison back in 2022 plus a $20 million restitution order. The thing is, he apparently had over $61 million in assets - way more than enough to pay back what he stole - but he just... didn't. He dodged law enforcement and ignored the court's orders. Judge Alvin Hellerstein called him out on this in a July order, basically saying "yeah, you have the money, pay up." Because Truglia refused to comply, his sentence just got extended to 12 years.

Terpin didn't stop there either. He sued AT&T for $224 million for negligence in letting this happen, and filed a $75 million civil lawsuit against Truglia directly - which he won. The dude got full damages awarded by the court in 2019.

The whole thing is a pretty brutal case study in why SIM-swapping is such a threat to anyone holding significant crypto. It's not fancy hacking - it's just social engineering your way into someone's phone number, and suddenly you have access to everything. If you're serious about security, this is exactly why hardware wallets and proper 2FA setup matter so much.