Defendant Who Stole More Than $16,000 in Cryptocurrency and Orchestrated a “Swat” Attack on His Accomplice Pleads Guilty to Aggravated Identity Theft

Baltimore, Maryland – Kyell Bryan, age 20, of Kingston, Pennsylvania, pleaded guilty today to aggravated identity theft in connection with his involvement in a “SIM swap” and cryptocurrency theft scheme.

The guilty plea was announced by United States Attorney for the District of Maryland Erek L. Barron; Special Agent in Charge James R. Mancuso of Homeland Security Investigations (HSI) Baltimore; and Chief Melissa R. Hyatt of the Baltimore County Police Department (BCPD).

According to his guilty plea, in June 2019, Bryan conspired with others, including co-defendant Jordan K. Milleson, to carry out a scheme to steal cryptocurrency from others. At the beginning of the conspiracy, Bryan knew Milleson only by an online alias and did not know Milleson’s real name.

The scheme to defraud was carried out by fraudulently obtaining the login credentials of wireless service provider or affiliate employees, using the stolen credentials of these employees to access the service providers’ computer networks. Upon accessing the computer networks of the wireless service providers, Bryan and his co-conspirators conducted unauthorized “SIM swaps.” “SIM swapping” refers to a method of unauthorized takeover of a person’s wireless account, effectively allowing malicious actors to divert phone and data traffic intended for one device, e.g., a cell phone, to another device controlled by the malicious actors. The conspirators then used their unauthorized access to victims’ cellular telephone accounts to illegally gain access to victims’ email and financial accounts, enabling them to transfer the victims’ cryptocurrency from the victims’ accounts.

Specifically, in June 2019, Milleson used several phishing websites he created to steal the login credentials of Victim 2, who worked for a specific wireless provider or its affiliate. On June 25, 2019, Bryan and Milleson used Victim 2’s credentials to gain unauthorized access to the wireless provider’s computer network and execute “SIM swaps”.

After gaining access to the wireless provider’s network, Milleson and Bryan intentionally used the stolen login credentials to redirect phone and text message traffic intended for a mobile device used by the owner of a digital currency investment company, Victim 3, to a device controlled by them.

After conducting a successful “SIM swap” of Victim 3’s phone account, Bryan and his co-conspirators unlawfully gained access to Victim 3’s online accounts, including their email account, and an account containing digital currency. Bryan then instructed and directed Milleson to transfer Victim 3’s cryptocurrency out of Victim 3’s account. At the time of the transfer, Victim 3’s cryptocurrency was valued at approximately $16,847.47.

Soon after the theft, Bryan and his co-conspirators began to suspect that Milleson cheated Bryan and the other accomplices out of their share of the stolen proceeds. Bryan and other accomplices then began to threaten Milleson; one accomplice stated that if Milleson did not share the proceeds, they would burn down Milleson’s house and ruin Milleson’s life.

Bryan and his co-conspirators then attempted to uncover Milleson’s true identity by messaging other individuals for Milleson’s real name, address, and contact information. During a conversation with a co-conspirator, Bryan learned that Milleson went by the alias of “Chikri”. Later on, Bryan stated that the conspiracy would find Milleson’s identifying information and “swat” him. “Swatting” refers to a criminal harassment tactic in which a person makes a false report to law enforcement such as a bomb threat, murder, or hostage situation in order to trigger police or SWAT response to a specific address and place the target in a real life-threatening situation.

Shortly after Bryan asked other individuals for Milleson’s real information and learned that “Chikri” also identifies himself under the alias “Jordy”, the BCPD received a call from an unknown male claiming to have shot his father and was threatening to shoot himself. The male caller stated he was at Milleson’s home address and advised that he was armed with a handgun. During the call, the unknown male threatened to shoot if police confronted him.

The BCPD dispatched patrol officers and subsequently learned there was not a real emergency situation at the Milleson residence. However, a relative of Milleson informed authorities that an unknown person called the residence and said that Milleson had stolen $20,000.

Bryan agrees that he and his accomplices carried out the swatting attack to target Milleson because Milleson initially refused to share the proceeds stolen from Victim 3. Byran also agrees that he knowingly possessed and illegally used the identification of a real person during and in relation to wire fraud, unauthorized access of a protected computer in furtherance of fraud, and intentional damage of a protected computer.

Co-defendant Jordan Milleson was sentenced to two years in federal prison on May 5, 2021 by Chief U.S. District Judge James K. Bredar. Chief Judge Bredar also ordered Milleson to pay restitution of $34, 329.01.

Bryan faces a statutorily required sentence of two years in federal prison followed by one year of supervised release for aggravated identity theft. As part of his plea agreement, Bryan will be ordered to pay $16,847.47 in restitution. Chief U.S. District Judge James K. Bredar has scheduled sentencing for January 31, 2022 at 10 a.m.

This case was prosecuted utilizing resources from the Dark Market and Digital Currency Crimes (DMDCC) Task Force. The DMDCC Task Force is a joint effort between the U.S. Attorney’s Office, HSI – Baltimore, the U.S. Secret Service, the U.S. Postal Inspection Service; the Food and Drug Administration, the Internal Revenue Service – Criminal Investigation, the Drug Enforcement Administration, the Defense Criminal Investigative Service, the Baltimore Police Department, and the Baltimore County Police Department, targeting the use of dark net marketplaces and digital currencies to facilitate criminal activities. The past several years have witnessed a significant increase in the use of the internet (both the clear net and dark net) and digital currencies to facilitate, for example, the illegal sale and distribution of narcotics and firearms, computer technologies (including hacking tools), and Personal Identifiable Information (PII). In response to this rising threat, the U.S. Attorney’s Office, HSI, and their partners formed the DMDCC Task Force to facilitate stronger collaboration among law enforcement partners combatting these crimes.

United States Attorney Erek L. Barron commended the HSI and BCPD for their work in the investigation.  Mr. Barron thanked Assistant U.S. Attorney Christopher M. Rigali, who is prosecuting the case.

# # #