It shouldn’t come as a surprise that SIM hijackers who target cryptocurrencies are innovating. Usually, the most preferred targets are people with cryptocurrencies who have little to no technical knowledge. Recently however, SIM hijackers have definitely upped their games and the level of their targets.
Sean Coonce is the engineering manager at BitGo and he recently fell victim to SIM hijackers. In a brave move, Coonce publicly stated that he lost more than $100 000 from his Coinbase account. The entire process took less than 24 hours and there were no indications that the theft was ongoing.
My personal identity was hacked last week. The attacker was able to steal $100k+ in a sweep of my Coinbase account. I'm equal parts embarrassed, hurt, and deeply remorseful.
In an effort to raise awareness about the attack, I wrote about it here: https://t.co/ZnbB0AN6Gd
— Sean Coonce (@cooncesean) May 20, 2019
Coonce is definitely knows his way around technology. He believes that the SIM hijackers managed to port his SIM card to a device under their control. The first sign was that he lost service on his smartphone. Soon afterwards, he attempted to sign into his Google account but the access was denied.
SIM Hijackers must work quickly
During this time, the attackers had already begun the password recovery process for his Coinbase account. Due to security procedures, the password reset link can only be sent after 24 have passed since the request was initiated. One flaw that the SIM hijackers knew how to exploit however, was that the email can basically be deleted. This eliminates any trail of the correspondence with Coinbase.
Coonce initially believed that the SIM card problems arose due to him dropping his smartphone. He acquired a new SIM card the next day and believed that the problem was solved. The same evening, his coverage disappeared again and he got a lot of messages telling him to log into his Google account.
He decided to leave the problem for the next day. Unfortunately, the password reset was complete and his Coinbase wallet was quickly drained. Cryptocurrencies were also purchased with Coonce’s funds and later moved to a non-Coinbase on-chain address.
SIM-swap incidents are occurring more than ever. Some SIM-swaps are an inside job, but usually they happen entirely on the outside.
A few weeks ago, prosecutors from US Attorney’s Office for the Eastern District of Michigan charged multiple people who were believed to be SIM hijackers. Apparently, their activities were more than fruitful since they managed to rack up more than $2.4 million. A few of them were working for a wireless carrier and were the above mentioned inside men.
Coonce remained extremely calm and collected and attributed the incident to his own lack of preparations. He stated:
“I fully understood the risk for my profile. I didn’t take online security seriously enough and was too lazy to secure my own assets.”
You can also check out:
- Ontology Gains More than Bitcoin: New Horizons Ahead
- Twitter Privacy Levels Continue to Shock as New Bug Takes Over
- Console Wars: Sony’s Dominance Will be Tested Next Round
- Crypto Inheritance Will Soon be Discussed by Financial Institutions
- CENTRE Consortium Expanding: More Members Gain Access to USDCs - Jun 14, 2019
- Bitcoin Theft has to be Answered Personally by Craig Wright - Jun 13, 2019
- Blockchain-based Tools to be Used After Improvements from Microsoft - Jun 12, 2019
- CCN Shutdown and The Inevitable Surrender to Google’s Power - Jun 11, 2019
- Ban Bitcoin ATMs: Money Laundering Blamed on Crypto ATMs - Jun 10, 2019
Know more than others on any Blockchain Party!
Join more than 5000 others to receive the breaking news and weekly summaries! No ICO spam, we promise.
You have Successfully Subscribed!