The week preceding Christmas has witnessed an increase in SIM-swap attacks, with the founders of Manifold Trading, Rug Radio, and other crypto influencers falling victim to such attacks within the past forty-eight hours; some of them have lost control of their X (formerly Twitter) accounts.
A SIM-swap hacker accessed the official X account of Manifold Trading and its founding partner, Jae Chung, on December 22. The intruder distributed a series of malicious links that directed users to cryptocurrency drainers.
Chung affirmed that a SIM-swap attack was responsible for the breach, notwithstanding the account’s password and email protection.
Chung confirmed that only his and Manifold’s Twitter accounts had been compromised and that all “fund-sensitive” information was secure. He further stated that measures were being implemented to salvage the funds and reinstate regular operations.
Additionally, the proprietor of Rug Radio, under the alias Farokh, was the target of a SIM-swap attack on December 21.
However, he reassured his audience that the compromised phone number was not associated with his Twitter account. On December 10, Rug Radio and the crypto publication Decrypt announced a joint merger.
SIM-swap hacks are a distinct form of fraudulent activity in which perpetrators commandeer a target’s phone number, thereby obtaining access credentials for crypto-related accounts, bank accounts, and credit cards that exclusively depend on SMS authentication.
Preventing potential SIM-swap attacks requires avoiding the association of two-factor authentication with a mobile number.
ZachXBT, a blockchain investigator, advised users of cryptocurrency applications to employ an authenticator application like Google Authenticator on August 23. Doing so eliminates the risk of having one’s telecommunications data compromised.
He further stated that hackers had amassed over $13.3 million from 54 prominent individuals in the four months encompassing August.
Recent exploits indicate an upward trend in which malicious actors target crypto-related projects and users.
On October 4, multiple individuals utilizing the social finance platform Friend.tech informed one another via Twitter that they had been duped using a SIM-swap exploit.
A bogus user identified as “froggie.eth” reported that their Friend.tech account had been compromised via a SIM exchange. His Friend.tech account was subsequently compromised by assailants, who siphoned over twenty Ether, or approximately $44,000 at the time.