Sim swapping has become a major type of scam in the crypto world, with Twitter’s CEO recently finding this out the hard way. @Jack – better known as Jack Dorsey – caused huge outrage over the weekend, as his account began spewing out racist tweets and comments before Twitter command stepped in, suspending Twitter’s Cloudhopper service. A hacker used a process known as sim swapping to gain access to a sim card with Dorsey’s number, where the hacker then sent tweets via SMS to the platform.
This huge example of how everyone is vulnerable to a sim swapping attack has sparked a new wave of two-factor authentication (2FA) campaigns across the crypto world.
AT&T Feeling the Heat
Purportedly, Dorsey uses AT&T as his carrier – a network that has come under scrutiny for its handling of sin swapping attacks in the past. AT&T is already in court over a sim swapping attack that left one crypto holder missing a whopping pile of crypto worth $224 million. Fortunately, it doesn’t appear as if the sim swapper in Dorsey’s case accessed any of his crypto accounts, but the hacker could have easily done this and gotten away with it had he or she not opted to post racist tweets on Twitter – alerting the Twitter police. If AT&T truly are Dorsey’s carrier, we can expect a lot more flac to head AT&T’s way as people become scared over their crypto assets.
T-Mobile Accused of Collaborating with Hackers
Back in June, a number of personalities from the crypto world were hit by sim swapping attacks. They were all using T-Mobile and according to reports, a rogue T-Mobile employee collaborated with scammers by skipping verification steps to tie the numbers of people to burner phones. With the Dorsey case, it’s starting to look like the same issue happened again, with a rogue AT&T employee facilitating the transfer of Dorsey’s number. If T-Mobile and AT&T are found to have employees willfully adding a customer’s number to a new sim without their permission, we could see networks banning customer service reps from being able to perform the task.
They were able to gain access to his account because someone working for his mobile carrier was able to switch his phone # to a burner phone, and with 2 Factor Authentication if you have the phone number tied to an account you can gain access to it by resetting the password.
— Crux (@Crux_R6) August 31, 2019
It’s cases like this that highlight how important it is to keep your crypto in a hardware wallet, and not on an exchange. Once a scammer has control of your mobile phone number, they can easily reset passwords for email accounts and then exchanges, taking everything you have in a matter of minutes. Crypto wallets cost as little as $50 and will keep your crypto safe from sim swap attacks, so make sure you invest in one if you value your crypto.