Pages:
Author

Topic: Beware: SIM Hijackers Steal Over $5 Million in Bitcoin in First Reported Crime (Read 479 times)

newbie
Activity: 336
Merit: 0
This is really disappointing news for us based on this in crypto market we are suffering from hackers and scams but now new term added sim hijacking based on this mobile operator should think about this because now tech is related to our personal life.   
full member
Activity: 756
Merit: 105
Trphy.io
This is not a good news for the cryptocurrency community. I think strict actions must be taken against those hijackers. FBI labelled it as tech support hack.  Let's see what the trial decides for them.
I hope the perpetrators like them must be punished as hard as possible because the obstacles in working in the digital world are actors like them
newbie
Activity: 168
Merit: 0
This is not a good news for the cryptocurrency community. I think strict actions must be taken against those hijackers. FBI labelled it as tech support hack.  Let's see what the trial decides for them.
jr. member
Activity: 238
Merit: 2
Thieves always stole our wallet, there are too many tricks to steal. So, to protect your wallet, you just have to protect yourself, do the security work, but a bit annoying but our wallet is always safe and we can sleep well.
legendary
Activity: 3178
Merit: 1054
which is  why i  don't  trust exchanges which mandate us to us phone verification and  google authentication. this isn't just the  issue i had in mind but also if my  phone is lost or stolen, it can be used to take my coins in the exchanges.  situation like this  can happen again and again  as hackers can become more creative. i  think dex are going to be the next best thing to use when adoption finally came. DEX doesn't require phones and users have the private keys with them.
jr. member
Activity: 70
Merit: 1
THIS IS OUTRAGEOUS. CRIMINALS EVERYWHERE LOOKING FOR ONE THING TO STEAL. A NEW METHOD OF THEFT.  I AM NOT SUPRISE AS LONG AS ICT IS CONCERNED, THERE IS ALWAYS  A CASE OF HIJACKERS OR SCAMMERS WANTING TO HIJACK ONE THING OR THE OTHER. WE JUST NEED TO BE CAREFUL WHO WE GIVE OR ALLOW ACCESS TO OUR GADGETS AND ALSO TO MIND WHO YOU GIVE YOUR PHONE TO MAKE A PHONE CALL AS YOU MIGHT BE MONITORED BY THEM NOT ONLY THAT MIND THE KIND OF RESPONSE YOU GIVE VIA PHONE SMS ALERT RESPONSE. SOME SMS MIGHT JUST BE A CODE TO GET THROUGH YOUR GADGETS TO STEAL SOME VITAL INFORMATION FROM YOU WITHOUT  YOU KNOWING WHILE SOME SMS MIGHT JUST BE YOU ACTIVATING THE ALREADY SENT BUG TO YOUR PHONE. WE JUST NEED TO BE CAREFUL THESE DAYS AS NOT TO FALL VICTIM OF THE NEFAROUS ACT OF SIM HIJACKERS AND SCAMMERS. YOU CAN IMAGINE THE WORTH VALUE OF BITCOIN HIJACKED.
THUS IS JUST MY OPINION.
newbie
Activity: 56
Merit: 0
It’s really terrible. All should secure their account and password, otherwise anyone can be a victim of it. I think all should use one time password with multiple way of verification. 
newbie
Activity: 56
Merit: 0
Sim hijacking will apparently happen when you have lost your sim card and did not take any initiative to take it back. It happens so many times that we lose our SIM card and don't report the telco/ authority. We should stop doing it and be more careful.
newbie
Activity: 56
Merit: 0
I think day by day crimes related to cryptocurrency will be increased. There should be some strict rules. I hope these things will be stopped as bitcoin will may have developed security in future.
newbie
Activity: 109
Merit: 0
It always amazes me that people who have so much money stored in cryptocurrency are so technically inept and bad at security.

If your 2FA can be reset/hacked by the same method that would reset/hack your logins/passwords, then it isn't 2FA. Use one that isn't linked to or backed up on your SIM, email, etc. Some hardware wallets such as the Ledger have a 2FA app available for them.



One common crime that's carried out on cryptocurrency investors is the phone-porting attack. Hackers snoop around social media, looking for cryptocurrency conversations in which investors post their phone and email for easy contact. Then, posing as the victim, they call up the phone provider in an attempt to fool the customer service representative into transferring the phone number to a device they control. Once the hackers take over the phone number, they can go into the victim's cryptocurrency exchange account by resetting the password, ultimately stealing cryptocurrencies from the account. Cody Brown, a virtual reality developer, blogged about how he lost around $8,000 worth of cryptocurrencies on Coinbase in 15 minutes, triggered by a phone porting attack on his phone account. A cellphone number is not the only point of weakness. Adam Dachis, a former writer for Lifehacker, says his Coinbase account was ransacked in May by hackers who took control of his home computer, costing him $10,000 worth of cryptocurrencies. "Computer hacks, phishing attacks and cryptocurrency Ponzi schemes are all common types of cryptocurrency theft," said Jonathan Levin, co-founder of Chainalysis, an intelligence software firm that specializes in tracking and solving cryptocurrency crimes.


So what's the best way to protect your cryptocurrency investments from hacks?
[/b]

To find out, we reached out to three cryptocurrency investors and three cybersecurity experts. All three investors have lost some cryptocurrencies due to different hacks. One of the experts, Amir Bandeali, also is an investor, lost about 18 percent of his investments because the exchange (Bitfinex) he was trading with was hacked. That incident inspired him to build decentralized exchanges, which he believes will be the future for trading cryptocurrencies.

All of them admitted there's no perfect solution to the problem. In the age of cryptocurrency, hard drives and personal computers have become the new bank vaults. And our real-world knowledge of protecting money from theft is not enough in the virtual world. The following suggestions can serve as a safety pamphlet for new cryptocurrency investors.


Here's the advice of investors and experts, edited for clarity and style:
[/b]

Jonathan Levin, co-founder of Chainalysis

1. Before you open up an account on Coinbase [or other exchanges], set up an unique email that you are going to use for that account.

2. Make sure to set a really hard and long password, and you are the only one to access it from a piece of paper that you control.

Dan Romero, VP of operation at Coinbase

1. On Coinbase, turn off SMS-based two-factor authentication and account recovery for your email account. If you move to Google Authenticator but don't turn off SMS account recovery, a phone port attack can still lead to an email compromise.

2. On Coinbase, setup the Coinbase Vault and two-factor authentication for any sends off-site.

Sean Everett, VP of product management, Coinbase account was hacked by phone porting attack

1. Don't talk about cryptocurrency publicly, especially on social media.

2. Call your cellphone provider, put every level of security you possibly can, and add a passcode to it. The next level protection is to add a "do not port" SIM card to your account. That can last for a year.

3. Even though Coinbase says it takes security seriously and has system designs to protect customers, it's not a bank. Don't trust it as such.

Adam Dachis, digital consultant, Coinbase account was raided by a computer hack

Don't keep all your cryptocurrency investments in one place. Diversify among exchanges. It's unlikely you are going to get hacked at the same time through all of them. Especially if you have different emails and passwords for each.

Sanjay Beri, CEO of Netskope, specialize in enforcing security across cloud applications and network.

Keep your cryptocurrency off the internet, in a "cold wallet."

"Cold wallet" is not a brand, it's a concept of storing bitcoins offline (not connected to internet) so that it reduces the opportunities for hackers to steal via online techniques.

"Hot wallet" is connected to the internet, for daily transactions. Think about "hot wallet" as a checking account and "cold wallet" as the savings account.

Here is how to create a cheap "cold wallet" on a dedicated computer:

First, download a cold wallet application to a new, secure usb drive.

Then, take a computer, reset it to factory setting, disconnect it from the internet and keep it offline.

Last, load the cold wallet application onto the computer, keep your cryptocurrencies on that clean and offline computer. You can make transactions offline, using the cold wallet application.

Amir Bandeali, CTO and founder of 0x project


1. If you must use a centralized exchange, withdrawal often, store your tokens on a hardware wallet, which is a hardware device, creates transactions without connecting through the internet.

2. If you are trading tokens on ethereum, I recommend looking into decentralized exchanges. The biggest difference between centralized exchanges (like Coinbase, Kraken and Bitfinex) and decentralized exchanges is that decentralized exchanges do not hold users' funds. No one can ever access your funds other than you. So it can't be stolen unless your private keys are compromised.
full member
Activity: 251
Merit: 100
Those sim hijackers have to be not get prisoned but hired by the operators so that the hijackers can gain more than $5 million.
newbie
Activity: 56
Merit: 0
I have noticed that a large numbers of criminals are now targeting bitcoin. So we all should be alarmed. Bitcoin is so much popular now. It can easily allure criminals.
sr. member
Activity: 714
Merit: 254
Quote
With SIM hijacking, mobile operators are tricked into transferring the phone number of a target to a SIM card that’s under the control of the criminal.

So you can't do nothing really about it, it's operator's fault cause they felt for social engineering bullshit.
newbie
Activity: 56
Merit: 0
This is a really serious issue. We all should be careful and make ourselves more secured. Otherwise it can be happened with anyone among us.
newbie
Activity: 70
Merit: 0
In my opinion sim hacking is not new. It has been here for a long time ofcourse it is harmful but I dont think it is harmful or can do any harm to your cryptocurrency balance beacuse it is secured with blockchain technology.
jr. member
Activity: 154
Merit: 1
SimJacking is a serious crime and takes high knowledge and long preparation - serious type of crime.
it's a very serious crime , but its been happening for a long time. with the right precautions it can be avoided
member
Activity: 324
Merit: 15
Hello,

Really interesting topic thank you because I was not aware of this kind of hack. Really surprising that so young guy was involved and the stolen amount seems really huge !

I try to secure at the maximum my assets but always better to know the différents technics that evolve really fast.
newbie
Activity: 63
Merit: 0
We need to raise awareness among the public who are investing in cryptos. They should know that keeping their cryptos in exchanges is never safe. The best way to keep your cryptos safe is to use hardware wallets, software wallets are also a secured way to store cryptos. 2FA authentication is also failing to keep cryptos safe from hackers. I hope there will be a solution to these hackings soon.
newbie
Activity: 218
Merit: 0
this is very upseting news, but phone owner does have any fault here cause if SIM is hacked then the owner can't control it , SIM companies support is mandatory then and we really hope they will provide these support to the users
member
Activity: 392
Merit: 10
It seems there will be nowhere to run to from these hackers as time goes on. New methods of hacking emerge from time to time, leading to the loss of huge sum of money. These people seem capable of putting cryptocurrency at great risk. What can the way out be? Today, there is a latest security and the next day it has been broken.
Pages:
Jump to: