Millions Worth Of Crypto Stolen Using Telecoms Operator
Earlier this month, an American investor by the name of Michael Terpin filed a lawsuit (worth $224 million) against AT&T. He believes that the telecom colossus is responsible for providing hackers with access to his own phone number. Because of this, he allegedly became a victim of a major crypto heist.
$24 Million Crypto Lost
Terpin, a Puerto Rico-based businessman and CEO of TransformGroup, is the co-founder of an angel group for Bitcoin investors named BitAngels, as well as the digital currency fund called the BitAngels DApps Fund.
He claims to have lost about $24 million worth of digital currencies, something that became a reality after two hacks over the past few months happened. The 69-page lawsuit, which he filed at the California law firm Greenberg Glusker, features two separate episodes. These are dated June 11, 2017, and January 7, 2018.
According to Terpin that in both of the aforementioned cases, AT&T failed to provide security to his digital identity. It is worth noting that he was a long-time subscriber, which dates back to the 1990s. With everything that has happened, Terpin decided to seek $200 million in punitive damages, including compensation from the company that is worth $24 million.
Why AT&T Was Included
Terpin argues that the telecommunications company acted like “a hotel giving a thief with a fake ID a rook key.” Apparently, this key is used to access the room safe and steal jewelry from the rightful owner. In a more technical aspect, Terpin fell victim to the so-called SIM swap fraud, which is also known as “port out scam” or SIM hijacking.
This exploit is basically a process of leading a telecoms provider, allowing it to transfer the victim’s phone number to a SIM card held by the exploiter. Once the phone number is received, hackers can easily use it to reset the victim’s passwords, allowing them to break into different accounts.
In most cases, this process can also allow hackers to bypass the two-factor authentication. Unfortunately, SIM swapping is so easy to pull off and digital assets are among the most common targets of these exploiters.
Although the idea of SIM swapping is pretty much straightforward, the way it can be delivered will vary from one criminal to another. This only makes it easier, as criminals can use their own methods of using the said process.
For instance, they can fool customer representatives into thinking that they are the targets; hence, the latter will eventually hand over their data. There are other cases, however, where fraudsters have these so-called “plugs.” The latter simply refers to telecom company insiders who are paid to do illegal swaps.