Crypto SIM swap scams have been on the rise lately. Pseudonymous blockchain sleuth ZachXBT recently brought to light that more than $13.3 million had been siphoned off in the last four months. Around 54 swaps were targeted at people in the crypto industry.
A SIM swap scam is a type of fraud where hackers take control of victims’ mobile phone numbers. This typically relies on “social engineering.” Perpetrators trick cell phone network customer service operators into revealing personal information about targeted users. Hackers then use that information to get through security tests and port the phone numbers to new SIM cards and phones that they control.
Also Read: Binance Might ‘Not’ be Manipulating the Bitcoin Market Yet
Blockchain Capital Executive Becomes Crypto SIM Swap Scam Victim, Files Lawsuit
In 2022, the FBI warned users about criminals swapping SIMs to steal money from crypto accounts. The agency pointed out that once victims obtain control of the SIM, they change the passwords of all accounts. In fact, they can defeat any SMS-based or mobile 2FA on any account with control of the victim’s phone number. According to estimates, $68 million was lost to SIM swap scams in 2021. The following year, i.e., in 2022, the figure rose to $72 million.
The Co-Founder and Managing Partner of crypto fund Blockchain Capital, Bart Stephens, recently filed a lawsuit against an anonymous hacker who stole $6.3 million worth of Bitcoin, Ethereum, and other crypto assets from his wallets. The executive alleged that the hacker, identified as Jane Doe, used personal information available online and on the dark web to get through security checks with his cellular network provider.
One day before the hacker siphoned crypto and moved it to other crypto wallets, he wrote to Stephens, claiming that he could “remotely hack anyone’s phone number in the mainland U.S.” The message was sent from one of Stephens’ own hacked accounts to his work email. The hacker also tried to steal BTC and ETH worth $14 million from a “custodial cold wallet” owned by Stephens. However, it was blocked by a Blockchain Capital employee who had been notified of the withdrawal.
Also Read: FBI: Lazarus Group Might Sell $40 Million in Bitcoin
Victims found it challenging to prove identity
Over the past few months, several influential people from the industry, including Steve Aoki, RektProof, John E Deaton, Jeremy Hogan, Pete Rizzo, Bitboy, Tim Beiko, and Peter Brandt, fell victim to this type of scam. IncomeSharks, another victim of the SIM swap scam, recently revealed that it was harder for him to prove his identity to get his phone number back than it was for the hacker to take over.
ZachXBT cautioned users and asked them to never use SMS 2FA. He pointed out that using an authenticator app or security key to secure accounts was always a better option. Along with this, he wished that network providers took this issue more seriously.
Also Read: Israel: Crypto Entrepreneur Accused of $290 Million Scam