[ad_1]

Despite growing cyber security infrastructure, online identities still face a number of risks, including those related to having one’s phone number hacked.
In early July, Brian Pellegrino, CEO of LearZero, became one of the latest victims of a SIM swap attack that allowed hackers to briefly take over his Twitter.
And… we’re back. This was basically my life for the last 24 hours. luckily we spotted the hack right away and the fight began pic.twitter.com/pjrkMfQ2vT
— Brian Pellegrino (@PrimordialAA) 5 July 2023
Pellegrino wrote shortly after getting his Twitter account back, “My guess is someone took my badge out of the trash when I was leaving the Collision and somehow tricked a representative into using it as ID for a SIM swap.” Cheated for.”
“It was just your typical paper conference badge, ‘Brian Pellegrino – Speaker,’” Pellegrino told Cointelegraph.
The incident involving Pellegrino’s accident may lead users to believe that hacking a SIM swap is as easy as grabbing someone’s badge. Cointelegraph reached out to a few cryptocurrency security firms to find out if this is the case.
What is sim swap hack? how big is that?
SIM swap hacks are a form of identity theft where attackers take over a victim’s phone number, allowing them to gain access to bank accounts, credit cards or crypto accounts.
In 2021, the Federal Bureau of Investigation Received More than 1,600 SIM swapping complaints involve losses of over $68 million. This represents a 400% increase in the number of complaints received over the past three years, indicating that SIM swapping is “definitely on the rise,” Hugh Brooks, CertiK’s director of security operations, told Cointelegraph.
“If no action is taken against SMS-based 2FA and telecom providers do not raise their security standards, we are likely to see a continued increase in attacks,” Brooks said.
According to 23PDS, Chief Information Security Officer (CISO) of Slomist, SIM swapping is not very widespread at present, but it is likely to increase further in the near future. They said:
“As Web3 grows in popularity and attracts more people into the industry, so does the potential for SIM swapping attacks due to its relatively low technical requirements.”
23pds has noted a few cases involving SIM swap hacks in crypto over the years. In October 2021, Coinbase will officially exposure Hackers stole crypto from at least 6,000 customers due to 2FA breach. Earlier, British hacker Joseph O’Connor was accused of stealing around $800,000 in crypto through multiple SIM swap hacks in 2019.
How hard is it to hack a sim swap?
According to the CertiK executive, SIM swap hacking can often be done with information that is publicly available or can be obtained through social engineering.
“Overall, SIM swapping can be viewed as a lower barrier to entry for attackers than more technically demanding attacks such as smart contract exploits or exchange hacks,” Brooks said.
Slowmist’s 23pds agreed that SIM swapping doesn’t require high-level technical skills. He also said that such SIM swaps are “prevailing even in the Web2 world”, so it is “not surprising” to see them emerging in the Web3 environment as well.
“It is often easy to execute, social engineering is used to deceive the concerned operators or customer service personnel,” 23pds said.
How to Avoid SIM Swapping Hack?
Since SIM swap attacks are often seen as non-demanding in terms of hackers’ technical skills, users should do due diligence to protect their identities to prevent such hacks.
The main security measure against SIM swap hacks is to restrict the use of SIM card-based methods for 2FA verification. Hacken’s Budorin said that instead of relying on methods like SMS, one should better use apps like Google Authenticator or Authy.
Slomist CISO 23PDS also mentions more strategies like multi-factor authentication and advanced account verification like additional passwords. He also strongly recommended users to set up strong PINs or passwords for SIM cards or mobile phone accounts.
Connected: Over $765K worth of NFTs stolen after SIM swap attack on Gutter Cat gang
Another way to avoid SIM swapping is to keep personal data like name, address, phone number and date of birth appropriately secure. The Slomist CISO also recommended checking online accounts for any unusual activity.
CertiK’s Brooks stressed that platforms must also be responsible for promoting secure 2FA practices. For example, companies may require additional verification before allowing changes to account information and educate users about the risks of SIM swapping.
Additional reporting by Cointelegraph editor Felix Ng.
magazine: Asia Express: China expands CBDC net, Malaysia is Hong Kong’s new crypto rival










