users blame SIM swaps after more than 100 ETH drained in a week

0 users blame SIM swaps after more than 100 ETH drained in a week users are warning of possible SIM-swap attacks after a recent spate of supposed hacks — resulting in nearly 109 Ether (ETH) worth around $178,000 drained from four users in under a week.

On Sept. 30 the X (Twitter) user known as “froggie.eth” warned their account was SIM-swapped — where exploiters gain control of a users mobile number to intercept two-factor authentication codes, then used to access accounts — and subsequently drained of over 20 ETH.

Days later, on Oct. 3, a string of users reported similar incidents with Musician Daren Broxmeyer saying he was SIM-swapped and drained of 22 ETH.

His phone was earlier “spammed with phone calls” which he believed was to force him to miss a text from his service provider warning him that someone was trying to access his account.

I was just SIM swapped and robbed of 22 ETH via @friendtech

The 34 of my own keys that I owned were sold, rugging anyone who held my key, all the other keys I owned were sold, and the rest of the ETH in my wallet was drained.

If your Twitter account is doxxed to your real…

— daren (friend, friend) (@darengb) October 3, 2023

The same day another user, “dipper,” also said their account was compromised adding they have “no idea” how exploiters could hack their account as they use strong passwords.

The fourth user “digging4doge” was drained of around 60 ETH after falling for a phishing scam that tricked them into sharing a login code.

Friendtech user @digging4doge just got drained to the tune of ~60 eth worth of keys.

About an hour ago, he received a text informing him that a number change had been requested for his account.

He had two hours to respond or the request would be auto approved. This was, of…

— quit (,) (@0xQuit) October 4, 2023

Crypto investment firm Manifold Trading explained that any hacker gaining access to a account is then able to “rug the whole account.”

Assuming that a third of accounts are connected to phone numbers, around $20 million is at risk of being exploited through user-focused exploits, they said.

Manifold also suggested that, technically, all of is at risk due to how the platforms security is setup and solving the issues “should honestly be the number 1 priority.”

If any hacker gains access to a FriendTech account via simswap/email hack, they can rug the whole account

If you assume 1/3 of FriendTech accounts are connected to phone numbers, that’s $20M at risk from sim-swaps

FriendTech’s current setup also technically allows a rogue dev…

— Manifold (@ManifoldTrading) October 2, 2023

Manifold suggested allow users to add 2FA to logins, key decryptions and transactions.

Users should also be given the option to change the login method from a number to email and allow for third party wallets to be used.

High-profile crypto figures have previously been successfully SIM-swapped with their accounts used to carry out phishing attacks such as Ethereum co-founder Vitalik Buterin’s X account in September.

Cointelegraph contacted for comment but did not immediately receive a response.

Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis


Leave A Reply

Your email address will not be published.