Search This Blog

Showing posts with label Sim Hijacking. Show all posts

Understand how SIM Swapping can easily be used to hack your accounts!

We've all heard about sim swapping, SIM splitting, simjacking or sim hijacking- the recent trend with cybercriminals and now a study by Princeton University prooves the vulnerability of wireless carriers and how these SIM swapping has helped hackers ease their hands into frauds and crimes.



SIM swapping gained quite an attention when Twitter CEO Jack Dorsey’s account was hacked on his own platform. A study by Princeton University has revealed that five major US wireless carriers - AT&T, T-Mobile, Verizon, Tracfone, and US Mobile - are susceptible to SIM swap scams. And this sim hijacking is on a rise in developing countries like Africa and Latin America.

What is SIM swapping? 

SIM swapping is when your account is taken over by someone else by fraud through phone-based authentication usually two-factor authentication or two-step verification. This could give the hacker access to your email, bank accounts, online wallets and more.

How does the swap occur? 

In a SIM swap, scammers exploit the second step in two-factor verification, where either a text message or a call is given to your number for verification.

Citywire further explains the process, "Usually, a basic SIM-card swapping work when scammers call a mobile carrier, impersonating the actual owner and claiming to have lost or damaged their SIM card. They then try to convince the customer service representative to activate a new SIM card in the fraudster’s possession. This enables the fraudsters to port the victim’s telephone number to the fraudster’s device containing a different SIM."

After accessing the account, the scammers can control your email, bank accounts, online wallets and more.

 Detecting SIM swapping attack

• The first sign is if your text messages and cell phones aren't functioning, it's probable that your account is hijacked.

• If the login credentials set by you stop working then it's probably a sign that your account has been taken over. Contact your telecom provider and bank immediately.

• If you get a message from your telecom provider that your SIM card has been activated on another device, be warned it's a red sign.

Food blogger Jack Monroe lost 5000 Euros in phone number theft



"I lost 5000 Euros when my phone number was hacked and re-used on another sim card," says Jack Monroe. The culprits then successfully received her two-time verification information and obtained her bank and cash records."I was already concerned about the safety and had several steps in check," said Jack in a tweet. The industry was not able to address the "sim-jacking," says a privacy campaigner. The blogger expressed her anger in a tweet when she was told, 'although she would get her mobile number back in no time, the amount stolen will take time to refund.' "The cash taken has cost me very much - I'm a self-engaged freelancer and I have to work for every cent that I make," she tweeted.

The food writer is recognized for her cost-effective recipes and her support for campaigns against poverty. Sim-jacking, or Sim-swapping, is when culprits switch a mobile number with another Sim and use it as their own. This is done by criminals pretending as a consumer who wants to shift to a separate mobile service provider but doesn't want to change the phone number.

While personal information is required before requesting a sim transfer, the information is sometimes already available on the internet. - In this case, Ms. Monroe's date of birth, for instance, was retrieved from the internet. In other cases, the shop keepers or sim providers are often tipped for sim-jacking.

The first sign of sim hijacking for the victim is when their phone stops functioning. "The cases of sim-swapping in England are rare but there have been instances in other parts of the world. The industry is unable to combat the problem of sim-jacking," said Pat Walshe, Director, Privacy Matters, to BBC. The task of sim swapping is not common but one can do it easily if they want to, says Pat.

If ever caught in sim-jacking, the victims should always report the incident to their mobile operator or the ICO (Information Commissioner's Office). "The case should now push the ICO to inquire whether mobile operators and shop owners are actively following the protocol to protect services and data under telecommunication privacy laws," said Pat. The Global System for Mobile Communications, commonly known as 'GSMA' has made an alternative mobile identification verifier known as Mobile Connect. The ICO has been contacted by BBC, regarding the data theft problems.

Sim swapping attacks hit US cryptocurrency users

Something strange happened last week, with tens of US-based cryptocurrency users seeing SIM swapping attacks.

Numerous members of the cryptocurrency community have been hit by SIM swapping attacks over the past week, in what appears to be a coordinated wave of attacks.

SIM swapping, also known as SIM jacking, is a type of ATO (account take over) attack during which a malicious threat actor uses various techniques (usually social engineering) to transfers a victim's phone number to their own SIM card.

The purpose of this attack is so that hackers can reset passwords or receive 2FA verification codes and access protected accounts.

These types of attacks have been going on for half a decade now, but they've exploded in 2017 and 2018 when attackers started focusing on attacking members of the cryptocurrency community, so they could gain access to online accounts used for managing large sums of Bitcoin, Ethereum, and other cryptocurrencies.

But while these attacks were very popular last year, this year, the number of SIM swapping attacks appeared to have gone down, especially after law enforcement started cracking down and arresting some of the hackers involved in these schemes.

Something happened last week

But despite a period of calm in the first half of the year, a rash of SIM swapping attacks have been reported in the second half of May, and especially over the past week.

Several users tweeted their horrific experiences.

Some of them have publicly admitted to losing funds, such as Sean Coonce, who penned a blog post about how he lost over $100,000 worth of cryptocurrency due to a SIM swapping attack.

Some victims avoided getting hacked

Some other victims candidly admitted to losing funds, while others said the SIM swapping attacks were unsuccessful because they switched to using hardware security tokens to protect accounts, instead of the classic SMS-based 2FA system.

Hackers charged with stealing $ 2.4 million



A group of hackers from the cybercrime group known as “The Community” charged in the U.S for “Sim Hijacking” attack and commit wire fraud along with 3 former employees of mobile phone providers.

All the 6 members of “The community ” group alleged to have participated in thefts of victims’ identities and used the data to steal cryptocurrencies via SIM Hijacking attack also known as SIM Swapping.

“SIM Hijacking” or “SIM Swapping” is an identity theft technique that exploits a common cyber-security weakness – mobile phone numbers.

This special technique used by hackers to gain control of victims’ mobile phone number in order to route the victims mobile traffic such as phone calls and short message service (“SMS”) messages through the devices controlled by “The Community”.

According to the fifteen-count indictment unsealed, SIM Hijacking was accomplished by a member of “The Community” contacting a mobile phone provider’s customer service—posing as the victim—and requesting that the victim’s phone number be swapped to a SIM card (and thus a mobile device) controlled by “The Community”. Later, Hijacked new SIM will be used as a gateway to gain control of online accounts such as a victim’s email, cloud storage, and cryptocurrency exchange accounts.

Here is the list of 6 “The Community” 3 former employee of mobile phone provider.

Conor Freeman, 20, of Dublin, Ireland

Ricky Handschumacher, 25 of Pasco County, Florida

Colton Jurisic, 20 of, Dubuque, Iowa

Reyad Gafar Abbas, 19, of Rochester, New York

Garrett Endicott, 21, of Warrensburg, Missouri

Ryan Stevenson, 26, of West Haven, Connecticut

Charged in the criminal complaint were:

Jarratt White, 22 of Tucson, Arizona

Robert Jack, 22of Tucson, Arizona

Fendley Joseph, 28, of Murrietta, California