The Tech in FriendTech doesn’t extend to security
To better understand how and why the FriendTech hacks affected so many people, it might be useful to first dig deeper into how the attackers managed to actually carry out the attacks.
Coinlive spoke to several security experts to find out how complicated SIM swap attacks are, and apparently, it’s bad news for everyone.
“SIM Swap attacks generally follow a common script. The attacker collects personal details about the intended victim, and then uses them to convince the telecom to transfer the victim’s phone number to the illicit SIM card. At this point, the attacker can attempt to reset passwords, as all one-time PINs and messages will be redirected to this new fraudulent SIM card.”
-Eric Jardine, Cybercrimes Research Lead at Chainalysis
Tyler Boscolo, founder of 3NUM, points out that the requirements needed to pull off a SIM swap attack are actually quite minimal.
“Depending on how the fraud is executed, just knowing someone’s name can be enough to find the information needed to pull off the hack.”
Boscolo also points out that there are two ways that these hacks can be carried out. The first is with social engineering, when the hacker tricks the telco employee into believing that the hacker is the customer. This can be done by gathering identifying information such as the victim’s name, phone number, account number, or billing addresses.
The other way involves simply bribing a telco employee; depending on the carrier targeted, the bribe may be as small as US$5000.
Cyberscope, a Web3 and blockchain security company, also notes that these hacks are not technically difficult to carry out.
As long as the hacker has a SIM card of their own, they can carry out the attack from anywhere in the world, even from the comfort of their own homes.
“It really is as simple as making a phone call to your service provider, as long as they have access to your personal information.
And this personal data is not necessarily difficult to find. It can be harvested from your social media profiles, purchased on the black market from hackers, stolen through phishing websites, or acquired through direct social engineering tactics aimed at deceiving victims into disclosing their personal details.”
Once the SIM swap is complete, victims can often suffer irreversible damage.
The Cyberscope team advises victims to contact their service provider directly to try to deactivate the fraudulent SIM card and to report that their social media accounts have been compromised, but reaction time to an attack can be crucial.
Andrei Stefan, CTO of Zokyo, however, questions the effectiveness of any response once the hack has succeeded. While mobile service providers can help victims to regain control of their phone numbers, the process itself can be difficult.
Furthermore, warning signs that an attack is underway could be as simple as receiving unexpected messages on your mobile number, which might easily be dismissed.
“A big warning sign that a SIM swap attack might be underway is that a device will lose connectivity if a bad actor has commandeered the number. Early in an attack, text alerts about service change can be a leading indicator of a problem. At later stages of an attack, social media or other accounts might have changed login credentials.”
-Eric Jardine, Cybercrimes Research Lead at Chainalysis