SIM-swapping is a tactic that has become rather popular amongst hackers and malicious actors over the past few years, and while the attacks have gone down in recent months, last week was marred by a regular series of them. At press time, it’s unknown how many occurred, if they are all individualized attacks, or if they are all part of something bigger.
What Was It About SIM-Swapping Last Week?
SIM-swapping occurs when a hacker is somehow able to gain access to a victim’s social security number and other private information. They then either use this information to hack into the person’s phone and change the passwords and usernames they use to login into their accounts (including crypto accounts) or they’re able to change all the information through the help of an employee with the person’s phone service provider.
They have the social security number and the answers to security questions from the victim, so they’re usually not stopped by the employees who are unaware that they’re being used for malicious purposes. Sometimes, however, these employees are bribed for assistance.
For the most part, these attacks have become relatively scarce compared to how they were a few years ago. However, over the past week, a steady number of SIM-swapping tactics have been utilized, resulting in a strong number of hacks that all occurred at around the same time.
One victim commented on Twitter:
My personal identity was hacked last week. The attacker was able to steal $100K in a sweep of my Coinbase account. I’m equal parts embarrassed, hurt and deeply remorseful.
Many of the users appear to have been customers of T-Mobile. One user explains on Twitter:
I haven’t gone public yet, but I had three on me personally in the past week. Submitted an FBI report. All signs point to an inside job at the cell company. Phone records were wiped clean for an entire day and ‘recorded for quality and training purposes’ settings were turned off.
Last year, Caleb Tuttle – a detective with the Santa Clara County District Attorney’s office – explained that SIM-swapping can happen in one of three ways:
The first is when the attacker bribes or blackmails a mobile store employee into assisting in the crime. The second involves current and/ or former mobile store employees who knowingly abuse their access to customer data and the mobile company’s network. Finally, crooked store employees may trick unwitting associates at other stores into swapping a target’s existing SIM card with a new one.
This Looks Familiar
Though many of the victims garnered their cell phone service through T-Mobile, some have admitted to being AT&T users, just like Michael Terpin, who was the victim of a multi-million-dollar cryptocurrency heist thanks to a SIM-swap. He’s now suing the phone service provider.