Investor Awarded $75 Million in Civil Lawsuit Against 21-Year-Old Who Stole His Crypto

Francisco Memoria

Michael Terpin, a U.S. entrepreneur and cryptocurrency investor who’s seen SIM swappers steal millions worth of cryptocurrency from him, has recently been awarded $75.8 million in a civil judgment against a man who was reportedly part of a scheme to defraud him.

According to Reuters, the California Superior Court last week ordered Nicholas Truglia, a 21-year-old New York resident, to pay the amount in compensatory and punitive damages, making this one of the largest judgements awarded to an individual in a cryptocurrency-related case.

Speaking to the news outlet, Terpin noted he filed the civil complaint back in January, after seeing three million tokens get stolen from his cryptocurrency wallet over a SIM swapping attack in early 2018.

At the time, the tokens were reportedly worth around $23.8 million. This, according to a complaint Terpin filed with the U.S. District Court in Los Angeles back in August, in which he sued AT&T, his service provider, for “gross negligence” that caused him to lose the funds.

Truglia and other hackers reportedly fraudulently transferred Terpin’s phone number to a phone they controlled, to then reset the passwords of his online accounts and ultimately steal his cryptocurrency.

Truglia himself was arrested in November of last year, in connection with six other crimes that saw him be accused of stealing $1 million worth of cryptocurrency through SIM swapping techniques.

P2P Token Trading Platform AirSwap Discloses ‘Critical Vulnerability’

  • Peer-to-peer trading platform AirSwap claims to have identified a "critical vulnerability" in one of its smart contracts. 
  • Ten addresses have been identified so far as being at risk of exploitation. 

Peer-to-peer token trading network AirSwap has disclosed a “critical vulnerability” in a newly released smart contract. 

AirSwap's Critical Vulnerability

According to the disclosure, which was published on Sept. 13, AirSwap’s internal security team identified a potential exploit in a newly released mainnet smart contract. The vulnerability would allow an attacker to “perform a swap without requiring a signature from a counterparty.” 

AirSwap claims that the offending code was only present for twenty-four hours on the network before being identified and removed. However, users of AirSwap Instant between Sept. 11 and Sept. 12 may have been affected by the vulnerability, with the report claiming that 10 accounts have been recognized so far as being at risk. 

AirSwap has published the addresses to the vulnerable accounts, telling all other users that no further action is required. The report also outlines the step-by-step actions taken by the exchange in the aftermath of discovering the vulnerability, including an apology to its client base, 

We would like to deeply apologize to our affected users for any inconvenience these vulnerabilities may have caused, and hope that the important lessons we continue to learn throughout these processes form the basis for a more open, secure, and efficient trading environment.

Featured Image Credit: Photo via