Cryptocurrency users are often targeted by criminals. Especially those users who rely on exchanges to manage and store funds. A new lawsuit filed against AT&T and T-Mobile is of great interest in this regard. The lawsuit alleges that neither company did enough to prevent the SIM swapping attacks that resulted in the theft of more than $1 million in cryptocurrency.
What is SIM Swapping?
Theft of cryptocurrencies occurs in many different ways. One notably popular trend involves hijacking existing exchange user accounts. These accounts are often protected by two-factor authentication. For most exchanges, that equals to sending a text message to a mobile phone number associated with the user’s account. It is a relatively secure method, but one that can also backfire.
Dozens of cryptocurrency users have fallen victim to SIM swapping over the years. Criminals claim phone numbers as their own by verifying the owner’s identity. The necessary information to do so is usually obtained through social engineering or from social media platforms. Providers such as AT&T and T-Mobile are now charged with negligence when it comes to these SIM swapping attempts.
According to the lawsuit, several cryptocurrency investors have filed a lawsuit. Silver Miller is the firm spearheading this case at this time. Both providers face charges of “helping thieves in remotely taking over SIM cards”. In virtually all cases, cryptocurrency funds have been lost in the process. One user lost roughly $621,000 due to such a SIM swapping attack.
Account Security Needs to Improve
Although two-factor authentication is a good measure, it is not always implemented correctly. Most cryptocurrency exchanges still consider this an optional step. Instead, they should enforce this method upon users to keep their funds safe. Secondly, moving away from text-based verification is another option worth considering. Google Authenticator or other solutions are equally secure and convenient.
This SIM swapping lawsuit can set a major precedent. If both mobile providers are found guilty, plenty of additional cases can be filed. The theft of mobile numbers in the cryptocurrency has been an ongoing problem. It is not native to the Bitcoin industry either. Any service provider relying on 2FA via SMS can have users “defrauded’ in such a manner.
For cryptocurrency users, this is another wake-up call. Taking exchange account seriously is something that cannot be overlooked. With decentralized exchanges, attacks like these will become a lot less common. More and more trades already occur through such solutions in 2018. Security should always come first, regardless of how it affects convenience.
Are the crypto holders justified in their lawsuit? What can be done to protect against SIM swapping attacks? Let us know in the comments below.
Images courtesy of ShutterStock