Last month, Ethereum’s co-founder Vitalik Buterin, also known as the Prince Of Crypto, fell victim to a SIM swap attack.
The attacker was able to gain access to his X account, and they used it to promote a dodgy NFT collection. Some of Buterin’s followers bought NFTs from the collection thinking it was endorsed by Buterin himself. In the end, the attacker took off with US$690,000 (AU$1.09 million).
Vitalik Buterin later managed to regain access to his X handle, and clarified that it was a SIM swap attack. Someone “socially engineered” his mobile service provider, T-Mobile, to take over his phone number, thus having access to social media accounts tied to his number.
What is a SIM swap attack?
A SIM swap attack is a form of identity theft. According to cybersecurity firm Avast, it occurs when an attacker tricks a mobile service provider into “switching the victim’s service to a SIM card that they control”.
This means that the attacker essentially hijacks the victim’s number to activate their own SIM card. Attempts to contact the victim’s number will also be directed to the attacker’s number.
A SIM swap attack is also known as “simjacking” or “simcard hacking”. Today, many, if not all of our online accounts are in some way tied to our phone number. So, a SIM swap attack can be extremely dangerous, as the attacker potentially gains access to highly sensitive information, such as bank accounts and social media handles.
How does a SIM swap attack happen?
A SIM swap attack typically occurs via social engineering. Social engineering refers to when a scammer emotionally or psychologically manipulates a victim into giving away sensitive information. In this case, it could be bank account details or social media usernames and passwords.
SIM swap attack in crypto
In the crypto space, scams involving SIM swap attacks are on the rise, mainly targeting individuals who own a large amount of cryptocurrency. Attackers are stealing millions of dollars in crypto from victims.
In early October, users of the Web3 social media platform Friend.Tech were targets of a SIM swap attack that cost them millions.
One prominent Friend.Tech user had 22 ETH stolen, which was equivalent to US$39,800 (AU$62,900). The victim also claimed that he was doxxed online and was “spammed” with phone calls every minute.
In August, Bart Stephens, co-founder of crypto fund Blockchain Capital, filed a lawsuit against a hacker. He alleges the hacker executed a SIM swap attack to steal US$6.3 million (AU$9.95 million) worth of Bitcoin from him.
This week, prominent blockchain investigator ZachXBT claimed to have uncovered over 17 SIM swap attacks as part of a massive heist. The attacker, who ZachXBT says goes by the name Yahya, reportedly stole a total of US$4.5 million (AU$7.11 million) from victims.
How to know if you’ve been attacked
SIM swap attacks are becoming increasingly widespread in the crypto scene. Fortunately, it is not difficult to identify when your SIM card gets hijacked. Here are a few signs to look out for, according to Kaspersky:
- Account lockouts: If you are locked out of your bank accounts, social media accounts, or emails for no reason at all.
- Suspicious notifications: If you receive SMS notifications, texts or calls that are of a suspicious origin, especially from services that you aren’t a customer of.
- Unexpected transactions: If your bank accounts or credit cards perform suspicious transactions.
- Unexpected social media posts: If someone has logged in and made posts using your social media profile.
If any of the above occurs, you should immediately contact your mobile service provider.
How to protect yourself
Fortunately, as frightening as SIM swap attacks are, it is not difficult to protect yourself against them. One simple way is by securing your SIM card with a PIN number or security questions. Setting up two-factor authentication (2FA) to strengthen your account security always helps, too.
Finally, the general rule of being careful on the internet always holds true: always be vigilant and wary of suspicious phishing texts, calls or emails from unknown phone numbers. Do not click on suspicious links.
