The crypto industry is always subject to different kinds of security threats, with hackers and scammers developing new methods every now and then. As crypto adoption grows, so do the threats facing digital asset owners.
While recent data have shown that crypto hacks regarding Web3 and DeFi platforms have been falling in the first half of 2023, a hack method that’s gained ground is SIM swap attacks. According to on-chain sleuth ZachXBT, the amount that has been stolen from SIM swap attacks in the past four months has crossed into 8-digit territory.
The Rising Threat Of SIM Swapping For Crypto Owners
The crypto on-chain investigator took to social media platform X (formerly known as Twitter), to share details on how much crypto has been lost to SIM swap attacks in recent months. SIM swapping scams have now reportedly led to over $13.3 million in crypto thefts from 54 SIM swaps in just four months.
These attacks have particularly been successful since most victims only use SMS two-factor authentication (2FA) to protect their accounts. However, this isn’t enough anymore as hackers have developed sophisticated hacking methods.
Over the past four months $13.3M+ has been stolen as a result of 54 SIM swaps targeting people in the crypto space.
When an account is compromised scammers attempt to create a sense of urgency with a fake claim to drain your assets.
Never use SMS 2FA and instead use an… pic.twitter.com/Fu1C3syQJE
— ZachXBT (@zachxbt) August 23, 2023
A SIM swap is when a hacker tricks mobile carriers into transferring a victim’s phone number to a SIM card they control. Once they have the victim’s number, they can access sensitive accounts and steal funds.
Hackers know that cryptocurrency investors often have substantial funds in digital wallets secured with only a mobile phone number. So when an account is compromised, scammers attempt to create a sense of urgency with a fake claim to drain user assets.
The Scourge Of SIM Swap Attacks
SIM swap attacks are not a new hack method, and mobile carriers T-Mobile, Verizon, and AT&T have been the most affected in recent years. However, the attacks geared towards the crypto sector have been rising, with an investor losing $6.3 million worth of digital assets.
In May of this year, Blockchain Capital’s Founder Bart Stephens saw his phone number compromised, leading to hackers carting away $6.3 million in digital assets. Similarly, a SIM swap attack on the Gutter Cat Gang NFT project resulted in the transfer of NFTs valued at more than $765,000.
Earlier this year, the US Federal Communications Commission announced its proposal for new rules that will protect consumers from SIM swaps, calling them “ugly new frauds.” Crackdowns have also been increased, with British hacker AKA PlugwalkJoe sentenced to a five-year prison sentence in the United States for his involvement in a SIM swap attack leading to a $794,000 loss in crypto.
Crypto users are advised to take proactive steps to strengthen the security of their assets by using an authenticator app or security key to secure accounts as they are more secure than using phone numbers for 2FA.