Cryptocurrencies tend to attract people from all walks of life. This also includes criminals looking to score some quick profits. A 20-year old man is charged with SIM hijacking to steal $5 million from investors, including cryptocurrency from Consensus attendees.
SIM Hijacking Is a Big Problem
Hackers and criminals step up their game when a new opportunity arises. Over the past few years, social engineering attacks have evolved. Criminals now attempt to hijack phone numbers through mobile service providers in what is known as SIM hijacking or SIM swapping. By submitting sensitive user information, they can gain control over the number. That phone information is often linked to third-party websites and services.
Case in point is a 20-year old man from Boston. California police officials arrested Joel Ortiz on suspicion of hijacking nearly 40 cell phone numbers. It is believed he had help from an unspecified number of individuals. Ortiz was seemingly interested in making a lot of money in a quick, and highly illegal, manner. Reports indicate his total earnings tally up to $5 million, which includes an unknown amount of cryptocurrency.
Cryptocurrency users are a prone target for hackers and criminals. Through SIM hijacking, criminals can even bypass two-factor authentication security measures on cryptocurrency exchanges. As they control the phone number, the 2FA codes are often sent via SMS. By entering this information, they can then access users’ accounts and empty their wallet balances. This trend continues to gain popularity as cryptocurrencies become more commonplace.
Consensus Attendees Affected
According to Motherboard, several attendees of Consensus 2018 fell victim to SIM hijacking. Ortiz has not confirmed these allegations at this stage. He faces 28 charges, 13 of which are related to identity theft. Ortiz does claim he and his “conspirators” have access to millions of dollars in cryptocurrency. Whether that means all of the money obtained is stolen cryptocurrency remains unclear.
People attending Bitcoin conferences have a target on their back. Consensus is widely considered to be the biggest cryptocurrency event of the year. People often share their upcoming trip to such an event on social media. This makes it easier for criminals to target specific users through SIM hijacking.
It is believed at least three attacks occurred during Consensus. One investor lost $1.5 million through a SIM hijacking incident, most of which was obtained during a recent initial coin offering. This particular criminal trend is extremely worrisome for cryptocurrency users. By the time a phone number has been hijacked and the owner noticing, the criminal has likely changed all the account passwords and is siphoning off whatever funds they can find. Using services which offer non-phone-based, two-factor authentication and not storing funds in exchanges are one’s best options to avoid issues like these.
Have you been the victim of SIM hijacking? Let us know in the comments below.
Images courtesy of Shutterstock.