Source: Cointelegraph; Translation: Wu Shuo Blockchain
On July 21st, Uniswap founder Hayden Adams’ Twitter account was hacked and a tweet containing a phishing link was posted. It is reported that this hacking may be a form of SIM card theft, in which the attacker takes over the victim’s phone number, allowing them to access bank accounts, credit cards, or accounts.
On July 23rd, Coinlist’s account was also hacked and a phishing link was posted. In addition, on July 5th, LayerZero’s Twitter account was hacked, in June the DEX trading aggregation platform Slingshot’s official Twitter account was hacked, and BitBoy founder Ben Armstrong’s Twitter account was hacked, and so on. Why have so many cryptocurrency accounts been stolen? How should users guard against it?
Below is the full translation of the Cointelegraph article:
- Why do application developers choose Anoma to build CoFi applications?
- Finding the ‘Holy Grail’ of the blockchain gaming track in the next bull market
- THORChain Anonymity – Unveiling the Shadow of Terra LUNA
Since SIM card swapping attacks are generally considered to have low technical skill requirements, users must remain vigilant about their identity security. Despite continuous improvements in cybersecurity infrastructure, online identities still face many risks, including those related to hackers attacking users’ phone numbers.
In early July, LayerZero CEO Bryan Pellegrino became one of the latest victims of a SIM card swapping attack, which briefly took over his Twitter account. After regaining control of his Twitter account, Pellegrino quickly wrote: “I guess someone took my ID from the trash and somehow convinced the agent during my absence from Collision that it was proof of identity for a SIM card swap.” Pellegrino told Cointelegraph, “It was just a regular paper conference ID that said ‘Bryan Pellegrino – Speaker’.”
Pellegrino’s experience may lead users to believe that executing a SIM card swapping attack is as simple as taking someone else’s ID. Cointelegraph has contacted some cryptocurrency security companies to find out if this is true.
What is a SIM card swapping attack
A SIM card swapping attack is a form of identity theft in which the attacker takes over the victim’s phone number, allowing them to access their bank accounts, credit cards, or cryptocurrency accounts.
In 2021, the Federal Bureau of Investigation received over 1,600 complaints involving losses of over $68 million related to SIM card swapping. Compared to complaints received in the previous three years, this represents a 400% increase in complaints, indicating that SIM card swapping attacks are “definitely on the rise,” CertiK’s Director of Security Operations, Hugh Brooks, told Cointelegraph. Brooks said, “If we don’t move away from relying on SMS-based two-factor authentication and telecommunications providers don’t improve their security standards, we may see the number of attacks continue to rise.”
According to 23pds, Chief Information Security Officer of SlowMist Security Company, SIM card swapping attacks are not currently very common, but they have significant growth potential in the near future. He said, “As the popularity of Web3 increases and attracts more people to enter this industry, the possibility of SIM card swapping attacks will also increase due to its relatively low technical requirements.”
23pds mentioned some cases of SIM card swapping hacking attacks involving cryptocurrencies in the past few years. In October 2021, Coinbase officially disclosed that hackers stole cryptocurrencies from at least 6,000 customers due to a vulnerability in two-factor authentication (2FA). Previously, British hacker Joseph O’Connor was prosecuted in 2019 for stealing approximately 800,000 US dollars worth of cryptocurrencies through multiple SIM card swapping attacks.
How difficult is it to execute a SIM card swapping attack?
According to an executive from CertiK, SIM card swapping attacks can usually be carried out using publicly available information or information obtained through social engineering techniques. Brooks from CertiK said, “Overall, compared to attacks with higher technical requirements, such as smart contract exploits or exchange hacking, SIM card swapping may be considered a lower entry barrier for attackers.”
23pds from SlowMist agrees that SIM card swapping does not require advanced technical skills. He also pointed out that this type of SIM card swapping is “common” in the Web2 world, so its appearance in the Web3 environment is “not surprising”. He said, “It is usually easier to execute by deceiving relevant operators or customer service personnel through social engineering techniques.”
How to prevent SIM card swapping attacks
Since SIM card swapping attacks usually do not require high technical skills from hackers, users must remain vigilant about their identity security to prevent such attacks.
The core protective measure to prevent SIM card swapping attacks is to limit the use of SIM card-based two-factor authentication methods. Budorin from Hacken pointed out that instead of relying on methods like SMS, it is better to use applications like Google Authenticator or Authy.
23pds from SlowMist also mentioned more strategies, such as multi-factor authentication and enhanced account verification, such as additional passwords. He also strongly recommends users to set strong passwords or PIN codes for SIM cards or mobile accounts.
Another method to avoid SIM card swapping is to protect personal data such as name, address, phone number, and date of birth. 23pds from SlowMist also advises carefully reviewing online accounts for any abnormal activities.
Brooks from CertiK emphasizes that platforms should also be responsible for promoting secure two-factor authentication practices. For example, companies can require additional verification before allowing changes to account information and educate users about the risks of SIM card swapping.