SIM Swap Attacks and Account Compromise


Learn about SIM swap attacks and how users can take preventive measures against them.

Introduction

The landscape of cryptocurrencies and decentralized finance has opened up exciting possibilities, but it's also a breeding ground for hackers, exploiters, and scammers. Hacks and exploits have become all too mainstream in this realm, where the lure of vast fortunes often meets the vulnerabilities of the digital world. 

To put the gravity of the situation into perspective, let's examine these staggering numbers: In 2020, over $4.3 billion was lost to hacks and exploits in the crypto world. This figure rose to $9.79 billion in 2021 and $4.39 billion in 2022. Alarmingly, as of 2023, the trend shows no signs of slowing down, with losses surpassing $1.5 billion in just the first half of the year.

SIM Swap Attacks

Alongside smart contract vulnerabilities, SIM swap attacks have emerged as a particularly devastating threat. This fraudulent scheme entails convincing a mobile service provider to transfer a victim's phone number to a new SIM card under the attacker's control. The process may seem complex, but attackers can execute it from the comfort of their homes with just a SIM card, a phone call to the victim's mobile provider, and personal data. Someone's personal information is disturbingly simple to gather and can be acquired through various means, including social media, the black market, or phishing sites that deceive users into disclosing their private details.

Armed with this information, cybercriminals contact the victim's mobile carrier, presenting themselves as the legitimate account holder. Once successful, the attacker gains control of the victim's phone number, cutting off the victim's access to calls, texts, and internet services. This sinister tactic can lead to a cascade of catastrophic consequences, including unauthorized access to accounts and sensitive data. Even prominent figures in the security-conscious cryptocurrency world, such as Vitalik Buterin, have fallen victim to the devastating impact of SIM swap attacks.

Case Study

Vitalik Buterin, the co-founder of Ethereum, is known for his deep understanding of security in the blockchain world. Yet even someone of his stature can fall victim to these attacks, underscoring the fact that in the ever-evolving digital landscape, no one is immune to the threat. This incident serves as a stark reminder that despite the best efforts, human errors and vulnerabilities can persist.


After the SIM swap attack, the scammer took control of Vitalik Buterin's Twitter account. The con artist then posted a phishing link to a free Proto Danksharding NFT relating to ConsenSys. Multiple sources and on-chain data reveal that the con artist stole over $700,000 in funds. One of the affected individuals lost about 50% of this value as their CryptoPunk NFTs 3983 and 1751 were hijacked.

The consequences following his account takeover would have been far worse than anticipated. This incident sent shockwaves through the crypto community, highlighting the urgent need for enhanced security measures and education on common security practices.


SIM swap attacks have been on the rise, with 2023 witnessing a surge in incidents. As per the investigation by ZachXBT, over $13.3 million was lost across 60 different cases of SIM swap between April 2023 and August 2023. The list includes high-profile figures, influencers, and renowned DeFi protocols, further emphasizing the urgency of addressing this threat. According to him, a majority of these affected individuals had obtained their SIM cards from providers such as T-Mobile, Verizon, and AT&T. Scammers tend to create a sense of urgency by sharing a phishing link promising a free airdrop of tokens or other digital assets, or other exciting opportunities, in order to steal the assets from the compromised accounts.

Preventive Measures

To safeguard against SIM swap attacks leading to phishing attempts, proactive steps must be taken. Here is a list of some of these preventive measures:

  • Two-factor authentication (2FA) or Multi-factor authentication (MFA) offers an additional security measure for your accounts. When using platforms that support 2FA, such as Google, you can activate it to enhance your account's protection. To maximize security, it's advisable to avoid the risks associated with SMS-based authentication and opt for 2FA applications like Google Authenticator or Authy whenever they are available.

  • Refrain from sharing your complete name, address, phone number, and birthdate on public forums. Scammers possess the ability to exploit even the tiniest pieces of data in order to persuade your mobile carrier that they are you. Additionally, exercise caution when it comes to divulging personal aspects of your life, such as your pet's name, your best friend's whereabouts, or your favorite food, on social media platforms, as you might have used these details in online security queries designed to verify your identity.

  • Modern mobile devices offer a range of security features, including PINs, patterns, fingerprint recognition, passwords, and facial recognition. In addition to safeguarding their phones, individuals should also take steps to secure their SIM cards. Many devices include the capability to protect SIM cards with a strong alphanumeric PIN that must be entered each time the device is restarted. It's essential to choose a PIN that is both robust and unique, avoiding easily guessable options such as birth dates or significant dates related to loved ones.

  • It's advisable not to associate your phone number with critical accounts, like those on cryptocurrency platforms or social media platforms such as Twitter or LinkedIn. If linking a number cannot be avoided, consider using multiple eSIMs.

  • Numerous mobile network providers provide the option of freezing or locking your mobile number to prevent unauthorized transfers. When this feature is enabled, you cannot transfer your number to another phone line or carrier unless you deactivate the lock, either through a PIN code or by visiting a physical store. If your carrier offers this functionality, it serves as an effective means to enhance the security of your SIM card.

  • Phishing has a history almost as long as that of the internet itself. It's a type of social engineering attack commonly employed to illicitly acquire login credentials, credit card details, and other sensitive user information. Typically, phishing entails cybercriminals posing as trustworthy institutions like banks, government bodies, and healthcare providers, assuming that your trust in these organizations will lead you to readily respond to their inquiries or not scrutinize their emails. 

However, it's important to note that genuine banks, government agencies, and reputable health offices will never request your personal information online. If you happen to receive such calls or messages, it's advisable to disconnect or delete them, even if they appear authentic. You can always independently contact the respective agency to verify the authenticity of the communication.

  • Awareness is also another line of defense; individuals need to understand the risks and take precautions like using strong, unique passwords, enabling multi-factor authentication, and contacting their mobile carrier to set up additional security measures like number port locks to reduce the risk of falling victim to a SIM swap attack. Sharing this knowledge with peers can help protect the wider community from these increasingly prevalent and damaging cyber threats.

  • Google's Advanced Protection Program safeguards users with high visibility and sensitive information from coordinated online attacks. It requires users to verify their identity with a security key when signing in to their Google account, which restricts unauthorized users from gaining access to the account.
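
The measures above share one idea: no route into an account should be satisfiable by control of the phone number alone. The following added example (not from the original article; the account inventory and factor labels are constructed) models each account's login and recovery routes and computes which accounts fall, directly or through a compromised mailbox, once SMS to the number is in someone else's hands.

```python
# Added illustration: which accounts fall once a phone number is hijacked.
# Inventory, account names and factor labels are constructed for this example.

# Each account maps to its access routes (login or recovery). A route is the
# list of factors that, held together, let someone in.
INVENTORY = {
    "social":   [["password", "sms"], ["mailbox:email"]],
    "email":    [["password", "totp"], ["sms"]],          # SMS-only recovery
    "exchange": [["password", "security_key"],
                 ["mailbox:email", "security_key"]],
    "bank":     [["password", "totp"], ["in_person_id"]],
}


def sim_swap_exposure(inventory, held=("sms",)):
    """Return {account: route} for every account reachable by someone who
    holds only the factors in `held` (by default, SMS to the phone number).

    Taking over an account adds "mailbox:<account>" to the held factors, so
    reset links sent to a fallen mailbox expose further accounts.
    """
    held = set(held)
    exposed = {}
    progress = True
    while progress:                       # repeat until no new account falls
        progress = False
        for name, routes in inventory.items():
            if name in exposed:
                continue
            for route in routes:
                if set(route) <= held:    # every factor on this route is held
                    exposed[name] = route
                    held.add(f"mailbox:{name}")
                    progress = True
                    break
    return exposed


def harden(inventory, account, old_route, new_route):
    """Return a copy of the inventory with one route of one account replaced."""
    fixed = {name: [list(r) for r in routes] for name, routes in inventory.items()}
    fixed[account] = [new_route if r == old_route else r for r in fixed[account]]
    return fixed


if __name__ == "__main__":
    print("before:", sim_swap_exposure(INVENTORY))
    safer = harden(INVENTORY, "email", ["sms"], ["security_key"])
    print("after: ", sim_swap_exposure(safer))
```

In the constructed inventory, the social account never offers SMS recovery itself, yet it still falls because its reset link goes to a mailbox that does; replacing that one mailbox recovery route removes both exposures.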

Conclusion

In the ever-evolving crypto landscape, security must remain at the forefront. The rise of SIM swap attacks, as witnessed through the recent victimization of Vitalik Buterin, serves as a stark reminder of the relentless persistence of malicious actors.

While the crypto world offers unprecedented opportunities, it also demands vigilance, awareness, and proactive security measures. This is what we are striving for at Neptune Mutual. The road ahead involves fortifying defenses, staying informed, and collectively striving for a safer and more secure decentralized future. You can find plenty of resources in the Neptunite Ecosystem to stay ahead of the curve on your road to cyber safety. You can acquire protection in the Neptunite Cover Marketplace for your digital assets. Take a look at our hack database, and you can be the first to know about hacks and exploits happening in real time with dedicated analysis drafted by our security experts just for you. Contact us if there’s any way we can support you.
