Risk and financial advisory solutions provider Kroll disclosed that one of its employees fell victim to a highly sophisticated SIM swapping attack.
Risk and financial advisory solutions provider Kroll disclosed that one of its employees fell victim to a highly sophisticated SIM swapping attack.
The company said the incident occurred on 19 August 2023 and targeted the employee's T-Mobile account.
Without authorization or contact with Kroll or its employee, T-Mobile transferred the employee's phone number to the threat actor's phone at their request. This enabled the unidentified attacker to access specific files containing the personal information of bankruptcy claimants from companies such as BlockFi, FTX, and Genesis.
SIM swapping (aka SIM splitting or simjacking), while generally a benign process, could be exploited by threat actors to fraudulently activate a SIM card under their control with a victim's phone number. This makes it possible to intercept SMS and voice calls, including messages related to two-factor authentication for online accounts.
Fraudsters often use phishing or social media to gather information to obtain personal details about their targets. Such as birthdays, mother's maiden names, and high schools attended, they can manipulate cellular carriers into transferring the victim's phone number to a SIM card under their control.
The company noted that it immediately secured the affected accounts and notified impacted individuals by email. While an investigation is ongoing, no evidence suggests that other systems or accounts have been compromised.
This disclosure comes shortly after Bart Stephens, co-founder of Blockchain Capital, filed a lawsuit against an anonymous hacker who stole $6.3 million worth of cryptocurrency through a SIM swapping attack.
The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) urged telecommunications providers to employ more vital security protocols to prevent SIM swapping. This includes allowing customers to lock their accounts and enforce stringent identity verification checks.
In light of these incidents, users must move away from SMS-based two-factor authentication and switch to phishing-resistant methods to secure their online accounts.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?