Crypto engineer at BitGo, has been subjected to a fraudulent SIM-card replacement attack. As a result, $ 100 thousand worth ob BTC was stolen from his Coinbase account.

Attacks with SIM-card replacement happen often. Sean told how intruders can seize other people’s means and how to protect themselves from criminal fraud.

The SIM card is attacked to capture someone else’s mobile number. By re-issuing the card, fraudsters gain access to one-time passwords that come to the phone.

This usually happens as follows:

1. Hackers start collecting personal information about the victim in order to obtain data that will convince the mobile operator to replace the SIM card.
2. Fraudsters demand to issue a new card with the same number since the previous one is “lost”. In this case, the “old” card is deactivated.
3. Criminals reset passwords of important accounts, as well as intercept one-time passwords that come to the phone, thanks to which they get access to bank and other accounts.
4. The attackers change passwords, and the victim can no longer log in to their accounts.