Just six days ago after one Reddit user narrated how they lost ETH worth $1,200 in seconds to hackers, another user of the social media had lost his crypto holdings to hackers yet again. He was carrying out a transaction on the HodlHodl platform and was scammed through a SIM spoofing attack after a message from Revolute made it look he got the money already.
How SIM spoofing attack tricked Gandeloft to part with his BTC
Gandeloft, who was scammed and narrated his ordeal on Reddit, wanted to convert his BTC worth $1677. While scouting for a buyer on HodlHodl, he met a buyer offering 1650 Euro, equivalent to $1848. What the buyer wanted to pay was more than the market rate at the moment because of BTC’s sudden drop.
The buyer, however, said he was going to use the Revolut app to make payment and required Gandeloft to send his number for him to perform the transaction. Gandeloft afterward got an SMS purportedly from Revolut confirming payment of 1650 Euro with “Sam BTC” as the reference.
The two-factor authentication code Gandeloft got made the process appear genuine. While the money did not reflect on the Revolut app, he was pressured to sending the BTC owing to the agreement against his will afterward.
Gandeloft said in an interview that Revolute confirmed that they did not send the SMS he received. The exchange also did not supply information that could aid in the arrest of the hacker. Gandeloft said in the interview that the exchange told him they don’t doll out information about clients. They said he could contact his bank for details where next to nothing could be done.
Surge in SIM-based attack
As much as it is easy to identify a hacker trying to use the phish, once they get hold of official addresses, they are hard to identify. SIM spoofing attack is quite simple to complete and extremely hard to find out, although they operate differently in different countries.
Network providers also are susceptible to SIM swapping hit. They do this by deceiving customer service agents into exchanging their phone numbers with another network. However, they have many ways of performing the trick.