Cryptocurrencies have determined many criminals to employ various strategies to exploit certain weaknesses for a quick profit. A recent case of such kind involved a 20-year old man is charged who managed to hijack the SIM cards from crypto investors and steal $5 million.
Serious SIM Hijacking Issue
Criminals have now taken up hijacking phone numbers via mobile service providers. The process known as SIM hijacking or SIM swapping involves submitting sensitive user data through which the hackers can then have control over the number. The phone data is often used in third-party websites and services in their authentication process.
A recent example of such hijacking would be that of a 20-year old man from Boston. The perpetrator known as Joel Ortiz was arrested by California police officials, being suspected of hijacking approximately 40 cellphone numbers.
Authorities believe that he was aided by an undetermined number of individuals. Reports show that Ortiz managed to rack in nearly $5 million, the amount also being comprised of an unknown amount of cryptocurrency.
SIM hijacking enables criminals to circumvent two-factor authentication which is used by cryptocurrency exchanges as security measures. As the 2FA codes are often sent in an SMS text, hackers that gain control of the phone can find out this information and use it to access the accounts and wallets of the users.
Consensus Attendees Also Victims of SIM Hijacking
Several individuals that were attending the Consensus conference were also affected by the SIM hijacking.
At this point, Ortiz has yet to confirm any of these accusations. He will be charged on 28 accounts, 13 of them involving identity theft.
Ortiz has admitted that he and his collaborators have access to cryptocurrency accounts which hold millions of dollars. It is yet unknown if all the stolen amount is entirely from cryptocurrency theft.
Consensus generally regarded to be the most important cryptocurrency event of the year. As attendants often share their participation in the event on social media, criminals can target more easily specific users with their SIM hijacking.
It is suspected that at least three attacks happened during Consensus. $1.5 million was stolen from one investor’s account in the SIM hijacking incident, most of the sum being resulted from a recent initial coin offering.
By the time the victim notices their phone number has been hijacked, the criminal has most likely changed the account passwords and transferred all the funds without a trace. To avoid such issues it is best to use services that offer non-phone-based, two-factor authentication and keep funds in secure wallets.