Title: [BEWARE] Sim Port Attack Post by: GreatArkansas on May 24, 2019, 04:07:06 AM Quote from: https://medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124 I lost north of $100,000 last Wednesday. It evaporated over a 24-hour time span in a “SIM port attack” that drained my Coinbase account. Sim port attack or Sim swap attack is when your associated phone number in your other accounts will port to another sim card or another phone that is controlled by the attacker and they are free to use your phone number now since your phone is connected to different accounts, they will reset the password or use the SMS authentication using the phone number then they are freely easily to open your account. Who are authorize to port your sim/phone number to another device? It is only your carrier provider, e.g. AT&T, Smart Communications, T-MOBILE, etc. -Some attacker here will contact on your carrier provider and some will use some of your personal information just to prove that they are real you. -I experienced to upgrade my sim card before, in my country, I just went on the store branch of my carrier provider then provide 1 valid id then that's all. I don't know they allowed via phone call.
I have some questions: 1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only? 2. If this case happens, can we blame our carrier provider on this or take some legal actions? and what more tips or advice you can give to avoid this kind of attack. https://cdn-images-1.medium.com/max/2400/1*-0AtUPyi3NS0EE7DGD-lzA.png Sources/References: The Most Expensive Lesson Of My Life: Details of SIM port hack (https://whatis.techtarget.com/definition/SIM-swap-attack-SIM-intercept-attack) SIM swap attack (SIM intercept attack) (https://medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124) Read more: This is how you can protect your cryptocurrencies from hackers (https://www.cnbc.com/2017/11/02/heres-how-to-protect-your-bitcoin-and-ethereum-from-hacking.html) Title: Re: [BEWARE] Sim Port Attack Post by: whotookmycrypto on May 24, 2019, 04:25:17 AM I have some questions: 1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only? 2. If this case happens, can we blame our carrier provider on this or take some legal actions? and what more tips or advice you can give to avoid this kind of attack. Not sure about 1. On 2, yes there have been cases where this has been successful. Example: https://www.coindesk.com/crypto-investor-awarded-over-75-million-in-sim-swapping-hack-case Tips to avoid this > Avoid storing your coins or funds for long term in a centralized exchange. > Avoid using centralized cryptocurrency wallet. > User hardware wallet or cold wallet. Also, we wrote an article for Binance that does touch on some other ways to protect yourself (https://www.binance.vision/security/common-scams-on-mobile-devices) Quote > Do not use your mobile phone number for SMS 2FA. Instead, use apps like Google Authenticator or Authy to secure your accounts. Cybercriminals are unable to gain access to these apps even if they possess your phone number. Alternatively, you may use hardware 2FA such as YubiKey or Google's Titan Security Key. > Do not reveal personal identifying information on social media, such as your mobile phone number. Cybercriminals can pick up such information and use them to impersonate you elsewhere. > You should never announce on social media that you own cryptocurrencies as this would make you a target. Or if you are in a position where everyone already knows you own them, then avoid disclosing personal information including the exchanges or wallets you use. > Make arrangements with your mobile phone providers to protect your account. This could mean attaching a pin or password to your account and dictating that only users with knowledge of the pin can make changes to the account. Alternatively, you can require such changes to be made in person and disallow them over the phone. Title: Re: [BEWARE] Sim Port Attack Post by: mk4 on May 24, 2019, 04:27:34 AM For the number of hacks that have occurred over the years in the cryptocurrency space, it baffles me how much people still like to leave their funds on exchanges and custodial wallets; and take note that we're talking about $100,000 in this case. Heck, I'm not even comfortable in leaving $200 on an exchange.
Title: Re: [BEWARE] Sim Port Attack Post by: jseverson on May 24, 2019, 05:25:31 AM 1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only? It's possible, but this method typically requires you to share private information to verify the caller's identity. If you've been sloppy with your privacy, gotten phished, etc., you could be vulnerable to this. Additionally, there have been instances (https://www.ccn.com/2-4-million-crypto-sim-hijacking-heist-hackers-bribe) where hackers have people on the inside of the telecommunications company helping them pull off the attack. So yeah, you should not be relying on SMS authentication to protect significant amounts (I mean, it's still better than no other protection at all), regardless of carrier. Title: Re: [BEWARE] Sim Port Attack Post by: joniboini on May 24, 2019, 06:42:52 AM 1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only? In my country, there is none AFAIK. You need to go to their local center, bring your ID and related materials that can proof you're the owner of that number before you can port a new sim. But this doesn't mean there is no risk. I guess the only possible way to hack this is if a hacker found a way to edit and replicate the national ID of the target. In short, you should protect your private information as strong as you could, don't ever leak any info online, and never expose to others that you own cryptocurrency. Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on May 24, 2019, 06:46:46 AM You should not use SMS text messages as a 2FA to access your exchange accounts. Even if you do not keep any money on an exchange, if someone successfully takes over your cell phone number, and can learn your password, or access your email account, they can drain your linked bank account, or max out your credit card associated with/linked to your Coinbase/exchange account.
Google authenticator is far superior in terms of 2FA. In laymens terms, it uses a private key plus the current time to calculate a code good for a limited time. As long as your physical device is kept secure, and malware free, an attacker will be unable to obtain the private key to calculate the 2FA codes. Title: Re: [BEWARE] Sim Port Attack Post by: Ipwich on May 24, 2019, 06:58:32 AM It's the most advance way of hack that I read, very new to me and I don't even think it's possible.
I avoided downloading files online using my phone to prevent from getting hack, but hackers now are getting smarter. Thank you for giving such good information, really appreciate it, try to change some plans. Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on May 24, 2019, 07:06:14 AM I avoided downloading files online using my phone to prevent from getting hack, but hackers now are getting smarter. This attack has nothing to do with malware or downloading software. It is a social engineering attack that tricks your cell phone carrier into transferring your service to another phone so the attacker can receive your text messages. Title: Re: [BEWARE] Sim Port Attack Post by: GreatArkansas on May 24, 2019, 08:19:33 AM Also, we wrote an article for Binance that does touch on some other ways to protect yourself (https://www.binance.vision/security/common-scams-on-mobile-devices) Oh, it's really helpful that we should never disclose to anyone our personal information which is prone to use to impersonate you.Additionally, there have been instances (https://www.ccn.com/2-4-million-crypto-sim-hijacking-heist-hackers-bribe) where hackers have people on the inside of the telecommunications company helping them pull off the attack. This thing is really dangerous which it is the first thought comes to my mind about this sim porting which can be done with "inside job" attack for every carrier network company.Heck, I'm not even comfortable in leaving $200 on an exchange. Same here, Since I am a trader, I even withdraw my funds in exchange when I about to go for a long vacation or out of town trip. You should not use SMS text messages as a 2FA to access your exchange accounts. Google authenticator > SMS authenticator. But there are some website that doesn't support google authenticator, that's the bad thing about that.~snip Google authenticator is far superior in terms of 2FA. Title: Re: [BEWARE] Sim Port Attack Post by: DdmrDdmr on May 24, 2019, 09:43:12 AM Last month I came across a similar case (see California Jails Student for 10 Years for $7.5 Million SIM-Swap Bitcoin Hack (https://www.ccn.com/bitcoin-hacker-10-years-jail-7-5-million-sim-swap)). The events took place in 2018 (mostly during the Concencus event), and involve at least 40 victims, many high-tech crypto profiles, but the court sentence came through recently. And this was in the US …
Title: Re: [BEWARE] Sim Port Attack Post by: Lucius on May 24, 2019, 10:07:57 AM If somebody can commit such an attack only via phone call then this is a major security breach of the provider. Such a thing should not be possible, because today is not so difficult to get some data about someone, and then over the phone steal the identity of that person. Only proper way for such actions is personal visit to store and proof of identity there. This also can be abused if attacker is have your fake ID, but I think it's still too much risk for them to walk in store and to be captured on security cameras.
Bottom line in this story is that users should avoid to use mobile numbers / SIM for extra security of crypto related accounts, this proved to be very ineffective and in some cases resulted in huge financial losses. Title: Re: [BEWARE] Sim Port Attack Post by: r1s2g3 on May 24, 2019, 05:37:37 PM I will like to reply all you guys that are saying it is identity breach or it major security flaw in provider service.
Let me explain you how the provider services generally work in USA. In USA every individual have Social Security Number (SSN) it is 10 digit number and confidentiality of this number need to be maintained. In some case where you were asked of SSN, then it is the last 4 digit of SSN (instead of full 10). So phone providers in US verify you by asking your name, DOB and last 4 digit of SSN. If you made this call in public, somebody can easily eavesdrop this data. By your name and DOB it will be very easy to find the phone number. So anybody who has eavesdropped you can successfully do this attack without having any kind of your physical identity. (This is IMHO based on my experience though I never did simport but successfully closed phone numbers and started new number by just a phone call.) Title: Re: [BEWARE] Sim Port Attack Post by: Thirdspace on May 24, 2019, 10:19:51 PM I will like to reply all you guys that are saying it is identity breach or it major security flaw in provider service. imo it's a security flaw in the the sim card replacement procedure, ~ So anybody who has eavesdropped you can successfully do this attack without having any kind of your physical identity. a simple confirmation call from provider to old sim card should help mitigate this attack if this can't be done, then it requires "a personal visit to store and proof of identity" like Lucius said Title: Re: [BEWARE] Sim Port Attack Post by: TheHas on May 25, 2019, 02:34:06 AM This is a major security issue, and I'm sorry to hear you lost so much that must be devastating.
In my country you hear of phone companies saying that a phone number was never meant to be used as a security checking device, and so they are of the view that while they have (basic) security procedures in place, they are not responsible if taking your phone number results in a breach of your broader accounts attached to your phone. They will take responsibility for costs incurred relating to the phone specifically (like making a bunch of overseas calls) but not something like coins, emails or other personal information attached to your account. I hope there is some recourse for you through the phone companies or maybe even insurance. Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on May 25, 2019, 03:03:02 AM I will like to reply all you guys that are saying it is identity breach or it major security flaw in provider service. imo it's a security flaw in the the sim card replacement procedure, ~ So anybody who has eavesdropped you can successfully do this attack without having any kind of your physical identity. a simple confirmation call from provider to old sim card should help mitigate this attack if this can't be done, then it requires "a personal visit to store and proof of identity" like Lucius said A store employee can write down they checked ID, but checking a box in a computer does not guarantee this happened. This would also create many negative experiences for customers who do not live near their phone carrier's store locations. Title: Re: [BEWARE] Sim Port Attack Post by: GreatArkansas on May 25, 2019, 04:13:27 AM (This is IMHO based on my experience though I never did simport but successfully closed phone numbers and started new number by just a phone call.) Isn't that alarming or dangerous since you can do it by just a phone call. However, its should be come first responsibility of the owner of phone number how they can protect their phone number or privacy, such their personal information. Title: Re: [BEWARE] Sim Port Attack Post by: Thirdspace on May 25, 2019, 02:21:14 PM if this can't be done, then it requires "a personal visit to store and proof of identity" like Lucius said Your solution is still flawed because it requires all employees of a carrier to not be corrupt, and to follow policy to the "t". internal review and investigation will reveal this employee as a perp or an accomplice or simply negligence A store employee can write down they checked ID, but checking a box in a computer does not guarantee this happened. I'm not sure how it works in your country, but we have to sign paperwork to request for sim card replacement if the employee also falsify this paperwork then he's commiting another crime... this no longer a simple sim port attack This attack has nothing to do with malware or downloading software. It is a social engineering attack that tricks your cell phone carrier into transferring your service to another phone so the attacker can receive your text messages. you said it yourself, "it is a social engineering attack that tricks your cell phone carrier" when you talk about corrupt employee and such, you strayed from the discussion about sim port attack Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on May 25, 2019, 07:27:34 PM if this can't be done, then it requires "a personal visit to store and proof of identity" like Lucius said Your solution is still flawed because it requires all employees of a carrier to not be corrupt, and to follow policy to the "t". internal review and investigation will reveal this employee as a perp or an accomplice or simply negligence A store employee can write down they checked ID, but checking a box in a computer does not guarantee this happened. I'm not sure how it works in your country, but we have to sign paperwork to request for sim card replacement if the employee also falsify this paperwork then he's commiting another crime... this no longer a simple sim port attack This attack has nothing to do with malware or downloading software. It is a social engineering attack that tricks your cell phone carrier into transferring your service to another phone so the attacker can receive your text messages. you said it yourself, "it is a social engineering attack that tricks your cell phone carrier" when you talk about corrupt employee and such, you strayed from the discussion about sim port attack If a single employee helps with Sim Port attacks many times, the carrier's internal controls should detect this. If an employee, or a manager over a group of employees helps with a Sim Port attack a small number of times infrequently, it would be more difficult to detect. Title: Re: [BEWARE] Sim Port Attack Post by: gentlemand on May 25, 2019, 08:13:19 PM No one should be putting any aspect of their online security in the hands of a phone company. Social engineering is a very, very powerful thing.
Think it over. You're placing your wealth or poverty in the hands of some bored shitless call centre worker on $10 an hour who barely registers what people say to them any more and wouldn't care if a million customers dropped dead tomorrow. Would you class that person as worthy of deciding the course of your entire future? The tools are out there to completely shut this particular route to disaster down. Use them. Title: Re: [BEWARE] Sim Port Attack Post by: Ipwich on May 26, 2019, 01:39:18 AM I avoided downloading files online using my phone to prevent from getting hack, but hackers now are getting smarter. This attack has nothing to do with malware or downloading software. It is a social engineering attack that tricks your cell phone carrier into transferring your service to another phone so the attacker can receive your text messages. So this is riskier than downloading files in the internet, this one, even if you are online, you can still be victim of hack. As I have stated, what I only avoid is downloading files online but don't know it's still possible to get hack with the new way of hack shared by OP. Title: Re: [BEWARE] Sim Port Attack Post by: r1s2g3 on May 26, 2019, 02:32:25 AM I will like to reply all you guys that are saying it is identity breach or it major security flaw in provider service. imo it's a security flaw in the the sim card replacement procedure, ~ So anybody who has eavesdropped you can successfully do this attack without having any kind of your physical identity. a simple confirmation call from provider to old sim card should help mitigate this attack if this can't be done, then it requires "a personal visit to store and proof of identity" like Lucius said They should be, but they heavily rely on last 4 digit of SSN. If your last 4 digit of SSN become public a lot of attacks like (sim port), I guess can be successfully launched. If by chance , if your all 10 digit of SSN are known, then somebody will able to take the bank loan on it. (Again no physical identity paper (SSN) required. Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on August 15, 2019, 05:27:13 AM I avoided downloading files online using my phone to prevent from getting hack, but hackers now are getting smarter. This attack has nothing to do with malware or downloading software. It is a social engineering attack that tricks your cell phone carrier into transferring your service to another phone so the attacker can receive your text messages. So this is riskier than downloading files in the internet, this one, even if you are online, you can still be victim of hack. As I have stated, what I only avoid is downloading files online but don't know it's still possible to get hack with the new way of hack shared by OP. Title: Re: [BEWARE] Sim Port Attack Post by: Kakmakr on August 15, 2019, 07:28:16 AM Sim swaps in my country happens very often, because there are criminal syndicates working within the mobile network providers that are doing these illegal Sim swaps. I also know about incidents where employees were blackmailed to help these criminals to swap some of these Sim cards. <They find employees weak points and they exploit it> >:(
A friend of mine had his whole Bank account swept, because someone within the Bank, worked with these syndicates to hijack his mobile phone and to clone his ATM card. <They swamped him with telephone calls at night and was forced to switch off his phone, so he missed all the notification to his phone that they were drawing money from his account.> >:( >:( >:( Title: Re: [BEWARE] Sim Port Attack Post by: Baofeng on August 29, 2019, 11:45:41 AM Just some update here:
Quote The unscrupulous operators of the TrickBot trojan -- one of today's most active and widespread malware strains -- are now capable of carrying out SIM swapping attacks, security researchers from Secureworks have told ZDNet today. This is possible because over the past month, TrickBot operators have developed a new version of the malware that can intercept login credentials and PIN codes for Sprint, T-Mobile, and Verizon Wireless web accounts. The data TrickBot collects can allow its operators to carry out a so-called SIM swapping attack, porting a victim's phone number to a SIM card under their control. This would allow the TrickBot gang (or someone else) to bypass SMS-based multi-factor authentication solutions and reset passwords for a victim's bank accounts, email accounts, or cryptocurrency exchange portals. https://www.zdnet.com/article/trickbot-todays-top-trojan-adds-feature-to-aid-sim-swapping-attacks/ Really scary how these cyber criminals are evolving. https://i.ibb.co/SfW3Vhn/Screen-Shot-2019-08-29-at-7-46-27-PM.png (https://ibb.co/LNbZ9Lt) Title: Re: [BEWARE] Sim Port Attack Post by: Velkro on August 30, 2019, 10:34:26 PM
Storing on centralized exchange is biggest mistakes people can make in crypto world. I would add to that list also paper wallet as cheaper (free) way of storing crypto. Hardware wallets cost from $20-$100.[/list] Title: Re: [BEWARE] Sim Port Attack Post by: Stedsm on August 30, 2019, 10:53:00 PM And then they say that it's crypto where people lose their money. I'm sure most people here will be blaming crypto alone without even understanding that in this case, the subsistence of services provided by these carriers is to be blamed because their system itself comes under the fault as they allow people to swap their Sim cards with minimum info needed. I can understand that their major concern is to give their customers with quick resolutions but this is where they compromise with their security as well. This incident shows that nothing should be trusted (even your phone number). The person who lost $100k shouldn't have used phone or SMS verification in 2fa at the first place, they must have gone for Google's 2fa).
Title: Re: [BEWARE] Sim Port Attack Post by: hatshepsut93 on August 30, 2019, 10:59:28 PM I have recently removed my mobile number from accounts like gmail, because of the risk that sim swap can be executed against me. It's a weird case when a security measure can make you less secure, instead of at least being just useless. I just can't trust that greedy mobile operators from my country won't sell my number to hackers for a bribe, or hire staff competent enough to recognize hacker's attempts to hijack a number.
Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on August 31, 2019, 02:50:11 AM Twitter CEO Jack Dorsey recently has his twitter account hacked via what appears to be a SIM port attack in which someone was able to send many racist tweets on his behalf.
The above is the only details released by Twitter, and it is possible there is more to the story. This does show that anyone can be a victim of these types of attacks. Title: Re: [BEWARE] Sim Port Attack Post by: Baofeng on August 31, 2019, 07:03:45 AM Twitter CEO Jack Dorsey recently has his twitter account hacked via what appears to be a SIM port attack in which someone was able to send many racist tweets on his behalf. The above is the only details released by Twitter, and it is possible there is more to the story. This does show that anyone can be a victim of these types of attacks. I was about to post this info as well but you beat me to it. Anyways, you are right even the CEO of Twitter was hack and it could be this method as well so no one is really safe from this online criminals. Quote How did it happen? A source at the company confirmed to the BBC that the hackers had used a technique known as "simswapping" (or "simjacking") in order to control Mr Dorsey's account. https://www.bbc.com/news/technology-49532244 Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on August 31, 2019, 04:00:35 PM Twitter CEO Jack Dorsey recently has his twitter account hacked via what appears to be a SIM port attack in which someone was able to send many racist tweets on his behalf. The above is the only details released by Twitter, and it is possible there is more to the story. This does show that anyone can be a victim of these types of attacks. I was about to post this info as well but you beat me to it. Anyways, you are right even the CEO of Twitter was hack and it could be this method as well so no one is really safe from this online criminals. Quote How did it happen? A source at the company confirmed to the BBC that the hackers had used a technique known as "simswapping" (or "simjacking") in order to control Mr Dorsey's account. https://www.bbc.com/news/technology-49532244 In theory, hackers might be able to spoof the number text messages are from in order to send tweets, which might make SIM porting the number unnecessary. Title: Re: [BEWARE] Sim Port Attack Post by: Baofeng on September 05, 2019, 11:00:35 PM Twitter CEO Jack Dorsey recently has his twitter account hacked via what appears to be a SIM port attack in which someone was able to send many racist tweets on his behalf. The above is the only details released by Twitter, and it is possible there is more to the story. This does show that anyone can be a victim of these types of attacks. I was about to post this info as well but you beat me to it. Anyways, you are right even the CEO of Twitter was hack and it could be this method as well so no one is really safe from this online criminals. Quote How did it happen? A source at the company confirmed to the BBC that the hackers had used a technique known as "simswapping" (or "simjacking") in order to control Mr Dorsey's account. https://www.bbc.com/news/technology-49532244 In theory, hackers might be able to spoof the number text messages are from in order to send tweets, which might make SIM porting the number unnecessary. Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked Quote Twitter today finally decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to Dorsey's followers. Dorsey's Twitter account was compromised last week when a hacker group calling itself "Chuckling Squad" replicated a mobile phone number associated with the CEO account and abused this particular feature to post racist, offensive messages and bomb threats from it via SMS. https://thehackernews.com/2019/09/tweet-via-sms-text-message-hacking.html So it looks like they temporarily 'Tweeting via SMS", disable it after the Dorsey fiasco. Seems the least they can do right now to prevent such exploit in the future. Title: Re: [BEWARE] Sim Port Attack Post by: hd49728 on September 07, 2019, 04:30:13 AM I have not noticed the feature to tweet via SMS. I always log in my Twitter account, and honestly I simply read others' tweets. In my nation, there is very limited proportion of Tweeters, so I join Twitter mainly because powerful guys prefer to use Twitter to spread their important news, perspectives, analyses, etc. fastly.
The hack demonstrates that activate 2FA security for accounts is important, not only with Twitter, but also with Facebook, Instagram, exchanges, casinos. Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on September 07, 2019, 03:51:46 PM Twitter CEO Jack Dorsey recently has his twitter account hacked via what appears to be a SIM port attack in which someone was able to send many racist tweets on his behalf. The above is the only details released by Twitter, and it is possible there is more to the story. This does show that anyone can be a victim of these types of attacks. I was about to post this info as well but you beat me to it. Anyways, you are right even the CEO of Twitter was hack and it could be this method as well so no one is really safe from this online criminals. Quote How did it happen? A source at the company confirmed to the BBC that the hackers had used a technique known as "simswapping" (or "simjacking") in order to control Mr Dorsey's account. https://www.bbc.com/news/technology-49532244 In theory, hackers might be able to spoof the number text messages are from in order to send tweets, which might make SIM porting the number unnecessary. Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked Quote Twitter today finally decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to Dorsey's followers. Dorsey's Twitter account was compromised last week when a hacker group calling itself "Chuckling Squad" replicated a mobile phone number associated with the CEO account and abused this particular feature to post racist, offensive messages and bomb threats from it via SMS. https://thehackernews.com/2019/09/tweet-via-sms-text-message-hacking.html So it looks like they temporarily 'Tweeting via SMS", disable it after the Dorsey fiasco. Seems the least they can do right now to prevent such exploit in the future. At a minimum, Twitter should reply to SMS tweets with a request to enter a password, but ideally, someone would need to send a time based code that is good for perhaps several minutes to an hour each time they want to SMS tweet. Title: Re: [BEWARE] Sim Port Attack Post by: GreatArkansas on September 11, 2019, 06:25:59 AM I found an article about cases on sim port attack, but this article was on June 2019. But it is said that most of the victims or almost compromised are into cryptocurrency, check here: Wave of SIM swapping attacks hit US cryptocurrency users (https://www.zdnet.com/article/wave-of-sim-swapping-attacks-hit-us-cryptocurrency-users/).
And it was stated by one of the detective about this case, possible 3 ways: Quote The first is when the attacker bribes or blackmails a mobile store employee into assisting in the crime. The second involves current and/or former mobile store employees who knowingly abuse their access to customer data and the mobile company's network. Finally, crooked store employees may trick unwitting associates at other stores into swapping a target's existing SIM card with a new one. Title: Re: [BEWARE] Sim Port Attack Post by: masulum on September 30, 2019, 04:48:48 AM Today I read another news related with SIM attack, Called WIB (Wireless Internet Browser) attack.
This is explanation about WIBAttack https://ginnoslab.org/wp-content/uploads/2019/09/image-3.png Copyrights: Ginnoslab.org Quote from: ginnoslab.org pages What is WIB? As an alternative to static SIM toolkit applications with a fixed pre-installed menu, some operators opt for dynamic SIM toolkit, where the menus and user dialogs are generated on the fly based on information provided by a central server. SIM applications that provide this functionality are generally referred to as SIM-browsers or µ-browsers. Two browsers are currently available, the Wireless Internet Browser (WIB) which was the first successful browser released and promoted on the market by SmartTrust. The Wireless Internet Browser (WIB) is specified by SmartTrust and is the market leading solution for SIM toolkit based browsing. The WIB-enabled SIM has a menu stored on the SIM. This menu can be managed and updated using Over The Air (OTA) services. Read full articles and explanation here: https://ginnoslab.org/2019/09/21/wibattack-vulnerability-in-wib-sim-browser-can-let-attackers-globally-take-control-of-hundreds-of-millions-of-the-victim-mobile-phones-worldwide-to-make-a-phone-call-send-sms-to-any-phone-numbers/ Demo how attacker sending SMS from same number to get a victim can be found at articles. or you can check this video directly (https://www.youtube.com/watch?v=oZEjw6lOuhY) Title: Re: [BEWARE] Sim Port Attack Post by: GreatArkansas on April 08, 2020, 07:26:33 AM BUMP!
Title: Re: [BEWARE] Sim Port Attack Post by: BayAngelo on April 09, 2020, 04:49:34 PM yes, i worked with a telecommunication company 2 years back. there were issues like this and it is a frequent re-occurrence. scammers do connived with bank staffs to swap sim cards of rich persons. after which they(scammers) contact the telecommunication for sim swap. such occurrence which requires a proper check up by the telecommunications due get outsmarted after series of check by the telecommunication.
Title: Re: [BEWARE] Sim Port Attack Post by: GreatArkansas on May 12, 2020, 12:43:06 AM SIM port attack turns out to be a very-simple-money even for teens (https://cointelegraph.com/news/crypto-investor-sues-new-york-teen-for-714-million-in-sim-swap-saga). IMO, to prevent this carrier providers should at least temporally charge for the swap (say $1000) and refund it after SIM original owner confirmed it. If not then that swap should be canceled and money not be returned. For sure that is already have been thinking or tried by some telecommunication providers, but they should also think some of the parts where their customers will easy to swap their sim cards in a legit way, that's why this Sim Port Attack is started to spread.For me, the best way to do is actual sim swapping per customers, like the customer is allowed to go in some branch or office of their telco, but this is kinda not comfortable for the side of the customer. Title: Re: [BEWARE] Sim Port Attack Post by: cryptomaniac_xxx on September 26, 2020, 07:51:21 AM If I may just bump this thread,
https://www.bleepingcomputer.com/news/security/scammers-drain-bank-accounts-using-anydesk-and-sim-swapping/ Quote Scammers mixed together a malicious cocktail of social engineering, SIM-swapping, and remote desktop software to empty the bank accounts of at least three victims. In total, victims lost more than $350,000. They were likely swindled by the same individuals since the modus operandi and some details were the same in all three cases. In at least one instance, the scammers converted the money to cryptocurrency, to make it more difficult to track. Dangerous combination, social engineering + SIM Swap = lost of money to the victims. Title: Re: [BEWARE] Sim Port Attack Post by: UmerIdrees on July 30, 2022, 12:55:51 PM I just have one question about this sim port attack. In order for anyone to hijack my SIM, he needs to be present in my local area and it can't be done outside the country. Is it so?
For example, In my country, we have JAZZ, WARID, and Ufone mobile operators and since these networks are available locally, it is not possible for anyone to port my sim internationally and get the codes/SMS etc. ? Title: Re: [BEWARE] Sim Port Attack Post by: PrimeNumber7 on July 31, 2022, 07:42:35 PM I just have one question about this sim port attack. In order for anyone to hijack my SIM, he needs to be present in my local area and it can't be done outside the country. Is it so? The attacker would need to have assistance from someone who has the ability to update your mobile phone account with a new SIM card. This means the attacker can be in any location. Some mobile phone operators have employees based in other countries than where they operate. For example, In my country, we have JAZZ, WARID, and Ufone mobile operators and since these networks are available locally, it is not possible for anyone to port my sim internationally and get the codes/SMS etc. ? |