2 years ago
T-Mobile accounts had been SIM-swapped connected astatine slightest 104 occasions passim 2022, according to Krebs connected Security.
SIM-swapping refers to the unauthorized takeover of a mobile telephone account, enabling entree to information, including receiving text-based 2 Factor Authentication (2FA) codes. It involves hackers tricking the web supplier into switching the relationship to a SIM nether the hacker’s control.
“This means that stealing someone’s telephone fig often tin fto cybercriminals hijack the target’s full integer beingness successful abbreviated bid — including entree to immoderate financial, email and societal media accounts tied to that telephone number.”
In December 2022, Nicholas Truglia was sentenced to 18 months successful situation for stealing $23.8 cardinal successful crypto via SIM-swapping. The theft was related to a azygous unfortunate named Michael Terpin.
Between January 2018 and December 2020, the FBI received 320 SIM-swap complaints. However, successful 2021, this fig skyrocketed to 1,611 incidents.
Over 100 T-Mobile accounts hacked
Security researchers focused connected Telegram groups successful which 3 distinctive hacker groups advertised entree to T-Mobile lawsuit accounts.
“KrebsOnSecurity is not naming those channels oregon groups present due to the fact that they volition simply migrate to much backstage servers if exposed publicly, and for present those servers stay a utile root of quality astir their activities.”
Researchers logged the fig of times a Telegram station announced T-Mobile relationship entree to transmission members.
Collating the information progressive starting connected Dec. 31, 2022, and counting backward, noting each clip caller entree notifications were posted. But researchers abandoned the number by mid-May erstwhile 104 incidents were counted, leaving 4 and a fractional months of Telegram logs uncounted.
Source: krebsonsecurity.comConsidering the beingness of different hacker groups, different Telegram channels, and different carriers, the 104 incidents noted is an under-representation of the standard of the problem.
SIM-swapping is an industry-wide
When approached for comment, T-Mobile said SIM swapping is an contented that affects the full industry. The steadfast added that it is perpetually warring the problem, including improving the SIM-swapping process.
“We person continued to thrust enhancements that further support against unauthorized access, including enhancing multi-factor authentication controls, hardening environments, limiting entree to data, apps oregon services, and more.”
The connection besides mentioned incorporating intelligence-gathering operations, specified arsenic the 1 conducted by information researchers successful this study.
Krebs connected Security acknowledged that SIM-swapping is an industry-wide problem. However, they stated that rival carriers AT&T and Verizon featured little often successful Telegram hacker groups.
In cases of these carriers featuring, hackers asked for betwixt $2,000 and $3,000 for access, doubly that of entree to T-Mobile accounts – suggesting that T-Mobile SIM-swapping is easier.
Tips to antagonistic SIM-swapping
Signs of a SIM-swap onslaught see the inability to telephone oregon text, login credentials for slope and crypto accounts nary longer working, and unfamiliar transactions.
If encountered, the archetypal enactment is to interaction your web supplier and petition they fastener down the account. Next is to interaction banks and crypto exchanges to frost your accounts.
Security steadfast Norton lists respective methods of protection, specified arsenic consciousness of phishing emails and sketchy links, having a beardown telephone relationship password, mounting up an further PIN with the telephone carrier, usage of authentication apps implicit SMS substance authentication, and turning connected transaction alerts.
The station Hackers entree T-Mobile accounts much than 100 times successful 2022: Tips to antagonistic SIM-swapping appeared archetypal connected CryptoSlate.
English (US) 