The SIM Farm Hardware Seized by the Secret Service Is Also Popular With Ticket Scalpers

feed@www.404media.co

Subscribe

Join the newsletter to get the latest updates.

Success

Great! Check your inbox and click the link.

Error

Please enter a valid email address.

Tuesday, the Secret Service said it “dismantled a network” of “300 co-located SIM servers and 100,000 SIM cards across multiple sites.” The Secret Service suggested that this network posed a threat to the United Nations General Assembly meeting, which was “within 35 miles” of the servers and which it said could have been used to “disable cell phone towers.” The story quickly went viral, with the New York Times and CNN’s reports being widely shared and discussed. 

CNN reported that the SIM servers were used in swatting calls against members of Congress, and the New York Times quoted an expert who said that they believed the servers could be used for espionage. As security researcher Robert Graham points out in a post called “That Secret Service SIM farm story is bogus—it’s just normal crime,” the Secret Service has not yet released any actual evidence of what the SIM servers were used for and it is unclear how such a setup could be used for “espionage.” Graham notes that, based on photos released by the Secret Service and its description of the operations, claims that such a network could have only been created by a sophisticated nation state actor are particularly ridiculous: “I can pull this off, personally. It’s just a SIM farm. Sure, there’s some capital involved, on the order of $1 million, but it could be setup and managed by a single person. It likely wasn’t setup all at once with that much money, but has been slowly growing for years as profits are funneled back into setting up more SIM accounts,” he wrote. 

The discovery of a bunch of SIM banks (also called SIM farms, SMS gateways, and several other things) anywhere is interesting from a spam / cybercrime perspective, and they give a type of cyberpunk visual that, frankly, is extremely my shit. But the breathless way this bust has been announced—with a special video announcement by Secret Service director Sean Curran and a clearly embargoed rollout with the New York Times and CNN, makes these SIM farms seem as though they are particularly special and high tech, when they clearly are not. The technology used, which can be seen clearly in photos released by the Secret Service, are regularly used by SMS scammers, spammers, and marketers, yes, but the tech is also extremely widely used by ticket scalpers seeking to create lots of Ticketmaster accounts with which to buy tickets. This is off-the-shelf technology that anyone can buy and use; if one had enough money, one could surely buy 300 of them from Ejointech, the Chinese company that makes them, and set something like this up. 

I have been familiar with and meaning to write about SIM banks for a few months now, specifically because they have become popular with ticket scalpers. Like many “anti-scalping” and anti-fraud measures taken by Ticketmaster, relatively recent updates that require SMS verification to create a new Ticketmaster account and immediately before buying tickets hasn’t actually stopped scalping. Instead, it has created a new underground market for tools that make SMS authentication at bulk easier. By adding this barrier to entry, Ticketmaster has ensured that normal fans have one single attempt to buy tickets, while motivated ticket scalpers with specialized tech can have many attempts at buying tickets. 

This SMS verification system has created a new underground market for various technologies and software that lets scalpers game this SMS verification system. SIM boxes are such an important part of that new underground market that Ejointech now advertises one of its products—which looks very much like the models shown in the Secret Service’s images from the seized servers in New York—as specifically being good “for ticketing & bulk SMS.” 

“Popular model: used by 5,000+ leading ticket brokers globally & trusted for thousands of large-scale SMS campaigns!,” Ejointech advertises on the $3,730 Ejoin 256 SIM 4G LTE SMS Gateway. On TikTok, it advertises a similar, 512 SIM card model as having “human behavior,” “cloud management,” and “auto SIM card switch.”

“Ticket brokers, streamline your Ticketmaster operations with EjoinTech! Our SMS gateway devices support up to 512 SIM cards, ensuring you never miss a verification code,” the company says. “Designed for efficiency with no unnecessary noise.”  

There is of course no evidence that the SIM boxes seized by the Secret Service this week were used by ticket scalpers, but there’s also no public evidence released by the Secret Service that suggests they were going to try to disrupt the UN General Council’s meeting. The point I’m making is that these devices and these types of farms have become somewhat common in recent years, and they are used not just to send messages in bulk but to receive them in bulk, too. They are used not just for crimes, but for various grey market and controversial, but not necessarily illegal, purposes too. 

“Proxies” and real SIM cards that can receive SMS messages have become critical to the ticket scalping industry. The way ticket scalping works now is that big time brokers will create many (hundreds or thousands) of unique Ticketmaster accounts, each associated with their own phone number. These are sometimes made using prepaid or low-cost wireless carriers like MobileX, whose SIM cards appeared in bulk in Secret Service materials. 

Not every big time broker is going to want to roll their own SIM bank, so a series of companies have popped up that offer “proxies,” which just means that they are basically a company running and selling access to phone numbers, keeping them online, and forwarding SMS codes directly to the ticket broker buying them. These companies do not advertise what specific hardware they are using to do this, but SIM boxes could easily be used to do this, and the scale of farm that the Secret Service found is not particularly large considering these types of services exist. They go by names like “WiredSMS,” “TextChest,” “Quick-Text,” “SMSPass,” and “Jivetel,” among others. TextChest advertises “industry-leading physical SIM lines, trusted by thousands.” A company called Seat Heroes notes that it is “carrier compliant” and that “while others rely on risky, unauthorized setups, Seat Heroes runs on the first ever Tier 1 carrier-integrated infrastructure—no modems, no VOIP, just proprietary and exclusive access to genuine numbers—always on, 24/7” and “no SIM banks—just direct connections.” 

In practice, ticket brokers connect their proxies—either bought from a third party or rolled by themselves—to other bespoke ticketing-buying software that helps them actually manage tons of Ticketmaster accounts and tons of phone numbers at once. There are a host of ticket broker-specific internet browsers that allow brokers to open hundreds or thousands of browser tabs, which each have a browsing session tied to either a specific SIM card or to an IP proxy which can also be bought from third-party services. This allows brokers to power through Ticketmaster’s “Virtual Waiting Rooms” because a broker can have hundreds or thousands of independent browser sessions waiting as separate “people.” The SIM box (or a SIM proxy service) can then be set up in these bespoke browsers to automatically forward and submit Ticketmaster’s SMS two-factor authentication, which is supposedly designed to prevent scalpers from getting tickets.

At one point, Private Tabs, one of the bespoke browsers for ticket scalpers, was advertising a “SIMBOX HARDWARE ADD-ON,” which could “add 512 phone numbers for $3 per line.”

“These hardware devices allow you to add 512 phone numbers to your Private Tabs account,” an archived version of the Private Tabs website reads. “If you already have one, then you can just add it to the config or call us, and we’ll set it up for ya. This ensures that every account you load in has its dedicated number. Rather than paying $9 to $24 per phone number, you can purchase one of these devices and get a phone line for as little as $3 per number. Typically, they pay for themselves within 2 months since each device can hold 512 numbers. With this device you do not need ‘TextChest’ or ‘Private Tab Phones’ [a proxy service] as you can host your own numbers for half the cost.”