Reportedly, the suspects tricked the phone providers into revealing the victims' phone numbers and used the SIMs to pass two-factor authentication (2FA). The hacker group managed to steal from multiple crypto exchanges.
It is reported that the hackers created fake IDs to conduct this widespread hacking campaign. They contacted the phone providers, claiming that their phones had been stolen, to deceive the providers into sending out a new SIM. The new SIM carried the phone number of the real owner, while the original SIM card was canceled.
After obtaining the phone numbers, the hackers used them to reset the victims' account passwords and got their hands on a whopping $80,000 worth of cryptocurrency. The funds were transferred to their personal accounts.
Istanbul’s Cybercrime Division was able to track them down using the IP addresses that the targeted crypto exchanges provided. Eventually, the police located the culprits, and all 11 group members were arrested after a raid on their identified location.
The police also confiscated 18 mobile phones, 20 flash memory drives, 5 laptops, 3 disks, 2 fake driver’s licenses, and many fake IDs and cards during the raid. Ten individuals are currently in the custody of Turkish police while one has been released on bail.
The hackers used multiple attack techniques, and the campaign appears to have been quite sophisticated and complex. It is indeed concerning that the hackers were able to compromise 2FA and steal such a huge amount from crypto exchanges. However, just like every criminal, they also made a mistake: they did not hide their IP addresses, which is why the police tracked them easily.
In a report, Technodes wrote that “The ease with which these thieves were able to gain access to someone else’s phone number, however, is highly concerning [and] raising basic questions such as why are claimed lost sim replacements being sent to addresses, not on record.”