EagleFX

When you sign up for an announcement, be it Google, Twitter, or even some crypto asset exchanges, the service providers often prompt you to input your personal phone number as a way to add an extra layer of security.

Although this medium of account protection works for most, hackers have begun to find ways to exploit this measure. And interestingly, due to the state of the cryptocurrency market and how its infrastructure works, these bad actors have begun to specifically target Bitcoin/digital asset holders.

Sim Swapping

What Is SIM Swapping?

According to a recent report from technology and cybersecurity publication ZDNet, over ten members of the cryptocurrency and blockchain community has been hit by SIM (referring to the SIM card that handhelds use to connect to networks), swapping attempts over recent weeks.

Firstly, for those unaware, SIM swapping (jacking) is a form of attack during which an actor uses social engineering tactics — namely ringing up AT&T and other telecom companies under a false identity and malicious premises — to switch the victim’s phone number to their own device. In doing this, the attacker can use the phone number of their victims to hijack accounts or access pertinent bits of information meant to be under lock and key.

U.S. Crypto Users Under Attack

Most of the time, hackers stray away from anything to do with the regulated financial system, as suspicious transactions can be flagged and traced by authorities. But with digital assets, especially a privacy-enabling digital coin like Monero, and their respective exchanges, hackers can withdraw cryptocurrencies from a hacked account at much less risk than withdrawing hacked PayPal funds to a States-based bank account, for instance.

In a matter of a few hours, an attacker can take over one’s phone number, access a victim’s email account, forcefully break into cryptocurrency exchange accounts, withdraw Bitcoin or what have you into their own addresses, and then blend the coins for privacy.

The large attack surface provided by how telecom operators, email accounts, and digital asset exchanges work today has resulted in there being a massive SIM swapping target on the back of cryptocurrency’s biggest names.


Cryptorocket

Alternatively, this attack method can be used to break into social accounts, like one’s Twitter or Telegram, which are where deals happen, key tidbits of information are exchanged, and personal conversations take place. Attackers have surely taken note.

Three weeks back, Sean Coonce, part of BitGo’s engineering team, was SIM swapped. In the attack, he lost over $100,000 worth of crypto assets and fiat holdings from his personal Coinbase account. And in the days that followed, other workers and influencers in the crypto industry made similar reports.

Although most didn’t report the loss of their holdings, Ethereum proponent Chris Robison, ConsenSys alumnus Ameen Soleimani, MolochDAO team member Cassandra Shi, and many others reported that they temporarily lost access to their texts and calls for no apparent reason.

While the frequency of these attacks, for the time being, has slowed, it is important to note that all users attacked in this recent spree were based in the United States and were clients of T-Mobile and the Bitcoin-friendly AT&T (funny, huh). It is unclear whether this SIM jacking trend has coincided with the return in the Bitcoin price, which is up by almost 100% in the past two months.

Don’t Worry All Too Much

Despite these recent attacks, SIM swappers often don’t get away with their crimes, or at least not for long. Earlier this month, the U.S. Department of Justice (DoJ) managed to arrest and charge nine individuals — a SIM jacker group that called themselves “The Community” — for conspiracy to commit wire fraud, wire fraud, and aggravated identity theft.

Surprise, surprise, the nine was participating in SIM swapping, which allowed them to steal over $2.4 million worth of cryptocurrency over a purported seven attacks. Lone attackers, including a man who stole $5 million worth of cryptocurrency, have also been caught.


Buy Crypto    Trade Crypto
eToro Risk Warning: 75% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you can afford to take the high risk of losing your money.

Avatar

Posted by Nick Chong

Since 2013, Nick has shown interest in Bitcoin and cryptocurrencies. He has since become involved in the industry as a full-time content creator, working for NewsBTC, Bitcoinist, LongHash, among other outlets. Aside from covering the news, Nick is a Creative at Taiwanese technology company HTC.


All content on Blockonomi.com is provided solely for informational purposes, and is not an offer to buy or sell or a solicitation of an offer to buy or sell any security, product, service or investment. The opinions expressed in this Site do not constitute investment advice and independent financial advice should be sought where appropriate.

Leave a reply

Your email address will not be published. Required fields are marked *