• Latest
CoinDesk Explains SIM Jacking – CoinDesk

CoinDesk Explains SIM Jacking – CoinDesk

February 26, 2020
ygg sea surpasses 10,000 scholarships in just six months of launch

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
mintable launches industry changing gas free minting service on ethereum

Mintable Launches Industry Changing Gas Free Minting Service on Ethereum

May 1, 2022
5 projects enabling smart contract development on bitcoin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022
bitcoin atm installed in mexico's senate building

Bitcoin ATM installed in Mexico’s Senate Building

April 27, 2022
cross chain services play a crucial role in facilitating continued adoption of defi applications

Cross-Chain Services Play a Crucial Role in Facilitating Continued Adoption of DeFi Applications

April 26, 2022
justin sun launches usdd, integrating the blockchain world and the real world with the decentralized stablecoin

Justin Sun Launches USDD, Integrating the Blockchain World and the Real World with the Decentralized Stablecoin

April 25, 2022
nfts: the next musical revolution

NFTs: The Next Musical Revolution

April 24, 2022
things you should know before investing in nfts

Things You Should Know Before Investing in NFTs

April 24, 2022
what are wrapped tokens?

What Are Wrapped Tokens?

April 23, 2022
what is the future of ethereum (eth)?

What is the future of Ethereum (ETH)?

April 22, 2022
green gaming

Everything You Need to Know About Play-to-Earn on Algorand in 2022

April 21, 2022
$ape going bananas as rumors of upcoming land sale of bayc metaverse gather momentum

$APE Going Bananas As Rumors of Upcoming Land Sale of BAYC Metaverse Gather Momentum

April 21, 2022
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
CoinNewsDaily
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
No Result
View All Result
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
No Result
View All Result
CoinNewsDaily
No Result
View All Result
Home Business

CoinDesk Explains SIM Jacking – CoinDesk

coinnewsdaily by coinnewsdaily
February 26, 2020
in Business
0
CoinDesk Explains SIM Jacking – CoinDesk
190
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter

Related articles

ygg sea surpasses 10,000 scholarships in just six months of launch

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
5 projects enabling smart contract development on bitcoin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022

For early access before our regular noon Eastern time releases, subscribe with Apple Podcasts, Spotify, Pocketcasts, Google Podcasts, Castbox, Stitcher, RadioPublica or RSS.

In the pantheon of crypto hacks, “SIM jacking” is one of the worst. The hack, which is less a hack and more social engineering, is basically a form of identity theft, with the attacker swapping a victim’s SIM card remotely, usually with the help of your cell-phone carrier, and then breaking into that victim’s email, crypto, bank accounts, basically all the stuff you definitely don’t want someone to break into. And the consequences can be dire, it’s also netted attackers tens of millions in loot over the past few years.

It’s audacious but it’s also preventable, with a little awareness. 

In this episode of CoinDesk Explains, CoinDesk editors Adam B. Levine and John Biggs explain the attack, what it could mean for you, how it works and what you can do to prevent it in a way that even John could understand. Special thanks to security guru Ralph Echemendia for the advice in today’s podcast.

For early access before our regular noon Eastern time releases, subscribe with Apple Podcasts, Spotify, Pocketcasts, Google Podcasts, Castbox, Stitcher, RadioPublica or RSS.

Transcript

In the pantheon of crypto hacks, “SIM jacking” is one of the worst. The hack, which is less a hack and more social engineering, is basically a form of identity theft, with the attacker swapping a victim’s SIM card remotely, usually with the help of your cell-phone carrier, and then breaking into your email, crypto, bank accounts, basically all the stuff you definitely don’t want someone to break into. It’s audacious but it’s also preventable with a little awareness. And the consequences can be dire, it’s also netted attackers tens of millions in loot over the past few years.

Welcome to CoinDesk Explains, an occasional series from the Markets Daily team where we break down and explore the complex world of Blockchains and Cryptocurrencies like Bitcoin. I’m John Biggs…

…and I’m Adam B. Levine. In today’s tightly connected world it always sucks to lose your phone, but when you add “your money” to that sentence it’s even more painful.  

So this time we’re talking about how some people have lost their phones [and], with the help of some clever social engineering, sometimes tens of millions of dollars along with it.

So John, you experienced this firsthand, right?

Absolutely. Back in 2017  some jackass swapped their SIM card with mine, I guess by calling T-Mobile and pretending to be me.  They were like, “Hello, this is John Biggs, I upgraded my phone or something and need you to transfer service to my new phone.” Now, clearly this was not me calling, but T-Mobile must have believed them and made it happen.  

AND NOW A DRAMATIC RE-ENACTMENT, FEATURING JOHN BIGGS AS THE PHONE COMPANY REP AND ADAM B. LEVINE AS THE FAKE JOHN BIGGS.

Thanks for calling your phone company, how can I help you today?

Hi, yeah, I’m John Biggs and I need you to activate my new SIM card.

I’m happy to help you with that. Can you verify your account with your Social Security number, your blood type and your shoe size?

Actually no, I’m in a big hurry and just need you to help me out.

I’m sorry sir, I can’t help you if you can’t verify your account. 

Darn, OK, I’ll call back later.

Hello, this is another rep from your phone company. How can I help you?

Hi, I’m John Biggs and need you to activate my new phone.

Can you verify your account?

That’s fine, let me make that change now.

It’s pretty much that easy. The real trick is that if you don’t succeed with the first rep, you can call back basically an unlimited number of times until your phone company support slips up, forgets security protocol and agrees to make the change.  And these guys are really clever, with like crying baby sounds in the background and stuff.

That’s the social engineering part. Nobody is actually hacking or attacking your phone itself, they’re taking advantage of the fact that T-Mobile support wants to help you, or at least not get yelled at by you too much.  So when somebody calls up and pretends to be you, they can wind up helping someone trying to steal from you instead. So what happened?

Yeah, my carrier bought it alright, and helped them out by activating their new phone with my current number.  That, in turn, shut off network services to my phone and, moments later, allowed the hacker to change most of my Gmail passwords, my Facebook password and to text on my behalf. 

Ok, so now they have your cell phone, they get your phone calls, they get your text messages and you don’t. But how does that get them the ability to change all those passwords?

Just about every service out there from Gmail to Facebook to Coinbase to BYNANCE are concerned that you’re not going to do a good job of managing your passwords. So they did something even more insecure by adding two-factor authentication via text message. A lot of companies have stopped this, but it’s still a huge hole.

So when your phone became their phone, now they were the ones who could reset your password.

That’s right. All of the two-factor notifications went, by default, to my phone number, which was now their phone number, so I received none of the notifications and in about two minutes I was locked out of my digital life.

Yeah… I noticed all of this at about 10 p.m. and I was lucky. I knew what was happening and called T-Mobile. By 10:30 p.m. I reset my old SIM and began the process of changing all of my passwords and hardening my two-factor accounts and T-Mobile account.

So, this is a funny story. A week before I was talking to someone in crypto on Facebook. I forget what about. So a few days after that I got a message from that guy on Facebook Messenger saying, “Hey, I’m in a really bad financial situation and I can’t get to my crypto. Can you send me six bitcoin right and I’ll send you eight tomorrow?” 

And I’m like “Huh, that sounds like a good deal!”

Luckily, no, but that was the MO. When I was locked out of my accounts, the hackers pretended to be me and asked my friends to send them bitcoin. One of them texted one of my friends and said, “If I don’t get this crypto right now they’ll pull the plug on my dad at the hospital.” They had figured out my dad was sick. And the crypto friend was like “Uh, yeah, that’s not how hospitals work.”

There was also the case of Nicholas Truglia, a 21-year-old New Yorker who hijacked multiple phones and actually stole millions of dollars. According to court documents, Truglia is alleged to have stolen from his father and even a dead man.

Most notably, Truglia got Michael Terpin, a cryptocurrency investor. He used one of these socially engineered SIM swaps with Terpin’s phone to steal $24 million in crypto, which led to Terpin opening a $200 million lawsuit against his cell phone provider, AT&T. 

How much did this guy have? According to court documents, he had a number of Trezors. “One had over $40 million in cash value of various cryptos, and the other one had over $20 million cash value of various cryptos.” It’s nuts.

So how do you fight back?

My buddy Ralph, CEO of Seguru and Oliver Stone’s tech guy, has some ideas. I talked to him today about protecting yourself from SIM hacks.

So SIM locks and two-factor everything, but not with text messages.

Disclosure Read More

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Credit: Source link

Tags: AdamBusinesscellular telephoneCryptoCrypto BusinessJohn Biggsmedia outletMissouri
Share76Tweet48
Previous Post

Compound Extends DeFi Ethos to Itself, Launches Governance Token

Next Post

Price Analysis Feb 26: BTC, ETH, XRP, BCH, BSV, LTC, EOS, BNB, XTZ, ADA

coinnewsdaily

coinnewsdaily

CoinNewsDaily.com is an online Crypto Coin News Website that aims to provide latest trendy news from market and around the world.

Related Posts

ygg sea surpasses 10,000 scholarships in just six months of launch
Alt Coin

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
5 projects enabling smart contract development on bitcoin
Alt Coin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022
cross chain services play a crucial role in facilitating continued adoption of defi applications
Alt Coin

Cross-Chain Services Play a Crucial Role in Facilitating Continued Adoption of DeFi Applications

April 26, 2022
justin sun launches usdd, integrating the blockchain world and the real world with the decentralized stablecoin
Alt Coin

Justin Sun Launches USDD, Integrating the Blockchain World and the Real World with the Decentralized Stablecoin

April 25, 2022
what are wrapped tokens?
Bitcoin

What Are Wrapped Tokens?

April 23, 2022
what is the future of ethereum (eth)?
Alt Coin

What is the future of Ethereum (ETH)?

April 22, 2022
Load More
Next Post
Price Analysis Feb 26: BTC, ETH, XRP, BCH, BSV, LTC, EOS, BNB, XTZ, ADA

Price Analysis Feb 26: BTC, ETH, XRP, BCH, BSV, LTC, EOS, BNB, XTZ, ADA

Categories

  • Alt Coin
  • Bitcoin
  • Business
  • Ethereum
  • ICO
  • Litecoin
  • Mining
  • NFT
  • Ripple
  • Tech
  • Trading

What New here?

  • YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch
  • Mintable Launches Industry Changing Gas Free Minting Service on Ethereum
  • 5 Projects Enabling Smart Contract Development on Bitcoin

Subscribe to Get More!

Loading
  • About Us
  • Contact Us
  • Privacy & Policy

© 2018-2021 CoinNewsDaily.com by CoinNewsDaily Inc. Crafted with Love by iFtiDev

No Result
View All Result
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining

© 2018-2021 CoinNewsDaily.com by CoinNewsDaily Inc. Crafted with Love by iFtiDev

  • bitcoinBitcoin(BTC)$20,893.00-2.28%
  • ethereumEthereum(ETH)$1,206.11-1.77%
  • tetherTether(USDT)$1.00-0.04%
  • binancecoinBNB(BNB)$237.77-0.91%
  • rippleXRP(XRP)$0.350534-3.72%
  • cardanoCardano(ADA)$0.488189-3.28%
  • SolanaSolana(SOL)$38.60-5.50%
  • dogecoinDogecoin(DOGE)$0.071509-7.17%
  • polkadotPolkadot(DOT)$7.72-5.00%
  • Shiba InuShiba Inu(SHIB)$0.000011-6.39%
  • daiDai(DAI)$1.000.00%
  • tronTRON(TRX)$0.066765-2.79%
  • leo-tokenLEO Token(LEO)$5.81-1.35%
  • matic-networkPolygon(MATIC)$0.53-8.77%
  • litecoinLitecoin(LTC)$55.65-4.53%
  • FTXFTX(FTT)$27.40-1.20%
  • OKBOKB(OKB)$12.34-2.89%
  • CronosCronos(CRO)$0.124664-2.39%
  • chainlinkChainlink(LINK)$6.58-5.12%
  • stellarStellar(XLM)$0.118891-3.51%
  • cosmosCosmos Hub(ATOM)$7.82-7.16%
  • algorandAlgorand(ALGO)$0.330662-4.01%
  • ethereum-classicEthereum Classic(ETC)$16.38-5.05%
  • moneroMonero(XMR)$120.42-5.84%
  • bitcoin-cashBitcoin Cash(BCH)$111.47-3.93%
  • vechainVeChain(VET)$0.024787-1.70%
  • tezosTezos(XTZ)$1.679.38%
  • Internet ComputerInternet Computer(ICP)$5.91-0.74%
  • theta-tokenTheta Network(THETA)$1.35-3.37%
  • filecoinFilecoin(FIL)$5.80-4.59%
  • ElrondElrond(EGLD)$55.46-4.55%
  • bitcoin-cash-svBitcoin SV(BSV)$59.30-4.72%
  • eosEOS(EOS)$0.99-3.15%
  • AaveAave(AAVE)$66.47-1.61%
  • makerMaker(MKR)$998.73-4.66%
  • paxos-standardPax Dollar(USDP)$1.00-0.05%
  • huobi-tokenHuobi(HT)$5.30-1.26%
  • iotaIOTA(MIOTA)$0.290604-2.02%
  • zcashZcash(ZEC)$61.88-7.16%
  • neoNEO(NEO)$9.50-3.56%
  • zilliqaZilliqa(ZIL)$0.043945-6.92%
  • basic-attention-tokenBasic Attention(BAT)$0.392624-3.85%
  • wavesWaves(WAVES)$5.79-6.48%
  • havvenSynthetix Network(SNX)$2.42-12.51%
  • dashDash(DASH)$49.07-4.49%
  • PancakeSwapPancakeSwap(CAKE)$3.38-1.00%
  • KusamaKusama(KSM)$53.53-3.07%
  • nemNEM(XEM)$0.0422260.00%
  • Elrond ERDElrond ERD(ERD)$0.0259290.00%
  • CompoundCompound(COMP)$50.68-4.70%
  • ethlendAave [OLD](LEND)$4.103.48%
  • qtumQtum(QTUM)$3.02-2.69%
  • bitcoin-goldBitcoin Gold(BTG)$17.12-2.55%
  • omisegoOMG Network(OMG)$2.010.72%
  • golemGolem(GLM)$0.2593096.15%
  • SushiSushi(SUSHI)$1.15-3.82%
  • ontologyOntology(ONT)$0.2511802.51%
  • yearn-financeyearn.finance(YFI)$6,070.39-8.28%
  • umaUMA(UMA)$2.70-3.42%
  • digibyteDigiByte(DGB)$0.010041-5.60%
  • UniswapUniswap(UNI)$2.4438.80%
Posting....