Currency users blame SIM swaps after over 100 ETH drained Cryptocurrency scrgruppen users are warning of possible SIM swap attacks after a recent spate of supposed hacks drained nearly 109 Ethereum (ETH) worth about $178,000 from four users in less than a week.

On September 30, user X (formerly Twitter) was identified as “froggie.eth”. to caution Their account was SIM swapped – where exploiters take control of a user’s mobile phone number to intercept two-factor authentication codes, which are then used to access accounts – and then drained over 20 ETH.

Days later, on October 3, a series of users reported similar incidents, with musician Darren Proxmire saying a SIM card had been swapped and 22 ETH had been drained.

His phone had previously been hit with “phone call spam”, which he believed was to force him to miss a text message from his service provider warning him that someone was trying to access his account.

On the same day another user, “Dipper”, also posted He said Their accounts were hacked, adding that they had “no idea” how exploiters hacked into their accounts, as they used strong passwords.

A fourth user, “digging4doge,” was drained of about 60 ETH after falling for a phishing scam that tricked him into sharing his login code.

Cryptocurrency investment firm Manifold Trading explained that any hacker who gains access to a account can then “manipulate the entire account.”

Assuming a third of accounts are linked to phone numbers, about $20 million is at risk of being exploited through user-focused exploits, they said.

Related: “Alpha” emerges on the Bitcoin network

Manifold also suggested that the entire site is technically at risk because of how the platform’s security is set up, and that resolving the issues “should frankly be the No. 1 priority.”

Manifold suggested that allows users to add two-factor authentication to logins and decrypt keys and transactions.

Users should also be given the option to change the login method from number to email and allow the use of third-party wallets.

High-profile crypto figures have previously successfully swapped SIM cards and had their accounts used to carry out phishing attacks, such as Ethereum co-founder Vitalik Buterin’s X account in September.

Cointelegraph contacted for comment but did not immediately receive a response.

magazine: Blockchain Investigators – The collapse of Mount Gox gave birth to Chainalysis

Cryptocurrency scrgruppen

Related Articles

Back to top button