SIM-swap attacks have ramped up in the week leading to Christmas, with the founders of Manifold Trading, Rug Radio and other crypto influencers being hit with attacks in the last 48 hours — some of whom lost control of their accounts on X (formerly Twitter).
On Dec. 22, a SIM-swap hacker managed to take control of the official X account of Manifold Trading, along with its founding partner Jae Chung, posting a series of malicious links to crypto drainers.
Chung confirmed to Cointelegraph that the hack was due to a SIM-swap attack despite the account being protected by an email address and password. Chung said that only his and Manifold’s Twitter was compromised and assured anything “fund-sensitive” was safe. He added that steps were being taken to rescue the accounts and restore normal functionality.
Everyone is getting sim swapped. It’s easily preventable by NOT using Verizon, ATT or any other normal carrier
— borovik.eth (@3orovik) December 21, 2023
There are literally ANTI SIM SWAP services set up that you can get service from. You can literally have Verizon service, while going through a middle man that protects…
On Dec. 21, Farokh, the pseudonymous founder of Rug Radio, also fell victim to a SIM-swap attack but reassured his followers that the phone number was not linked to his Twitter account. Rug Radio recently announced a merger with crypto publication Decrypt on Dec. 10.
GOT SIM SWAPPED.
— Farokh (@farokh) December 21, 2023
Phone number is NOT associated to Twitter BUT PLEASE BE CAREFUL.
MY PHONE NUMBER IS COMPROMISED, TRUST NOTHING COMING FROM ME.
A SIM-swap hack is a specific type of fraud where attackers take over a victim’s phone number, which grants them access to bank accounts, credit cards and crypto-related accounts that rely solely on SMS verification.
The best way to avoid a potential SIM-swap attack is to ensure that any two-factor authentication is not linked to a mobile number.
Related: Security audits ‘not enough’ as losses reach $1.5B in 2023, security professional says
In an Aug. 23 post on X, Blockchain sleuth ZachXBT urged users of crypto apps to use an authenticator app such as Google Authenticator, which removes the vulnerability of having one’s telecommunication data stolen.
Over the past four months $13.3M+ has been stolen as a result of 54 SIM swaps targeting people in the crypto space.
— ZachXBT (@zachxbt) August 23, 2023
When an account is compromised scammers attempt to create a sense of urgency with a fake claim to drain your assets.
Never use SMS 2FA and instead use an… pic.twitter.com/Fu1C3syQJE
He added that in the four months preceding August, hackers had managed to steal more than $13.3 million from 54 high-profile figures.
The recent slew of exploits reflects a growing trend of attackers targeting crypto-related projects and users.
On Oct. 4, several users of the social finance platform Friend.tech took to Twitter to share that they’d fallen victim to a SIM-swap exploit.
Pseudonymous user “froggie.eth” warned their Friend.tech account was accessed through a SIM swap. Attackers then accessed his Friend.tech account and drained more than 20 Ether (ETH) — worth roughly $44,000 at the time.
Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks