The Ultimate Guide to Sim Swap and its Impact on Cryptocurrency Security

April 18, 2022  |   By: Max Dilendorf, Esq.

Contact our team to discuss your case against a mobile phone carrier or a cryptocurrency exchange.  Email: info@dilendorf.com; Phone: 212.447.9797.

Introduction

In today’s digital age, mobile phones have become an integral part of our daily lives. We use them to stay connected with friends and family, access social media, shop online, and even manage our finances. But with this convenience comes an increased risk of cyber attacks on our mobile phone numbers. One such attack that has become increasingly common in recent years is known as Sim Swap.

Sim Swap is a type of cyber attack where hackers target mobile phone numbers in order to take over the victim’s phone number and gain access to sensitive information, such as bank account details and personal identification numbers (PINs). This attack can have devastating consequences, especially when it comes to cryptocurrency security. In particular, cryptocurrency is particularly vulnerable to cyber attacks, and Sim Swap is one of the most effective methods for hackers to steal cryptocurrency.

In order to understand the impact of Sim Swap on cryptocurrency security, it’s important to first understand what Sim Swap is and how it works.

Sim Swap is a type of social engineering attack where hackers impersonate the victim and convince the mobile carrier to transfer the victim’s phone number to a SIM card in their possession. This is typically achieved through social engineering tactics such as phishing emails, texts, or phone calls. Once the attacker has control of the victim’s phone number, they can use it to gain access to accounts that rely on two-factor authentication (2FA) via SMS, including cryptocurrency exchange accounts.

This attack is particularly dangerous as it allows the attacker to bypass security measures that rely on a user’s phone number, such as SMS-based 2FA. Once the attacker gains access to the victim’s accounts, they can transfer cryptocurrency out of the victim’s wallet to their own.

The impact of Sim Swap on cryptocurrency security cannot be understated. With cryptocurrency becoming increasingly popular as an investment option, it’s more important than ever for individuals to protect their investments from cyber attacks. Below we’ll explore what Sim Swap is, how it works, and what steps individuals can take to protect themselves from this dangerous attack.

What is Sim Swap?

Sim Swap is a type of social engineering attack where hackers target mobile phone numbers to take over the victim’s phone number and gain access to sensitive information. This attack is achieved by convincing the victim’s mobile carrier to transfer the victim’s phone number to a SIM card in the attacker’s possession.

In general Sim Swap process consists of the following stages:

  1. The attacker starts by gathering information about the victim, such as their full name, date of birth, social security number, and any other personal information that can be used to impersonate the victim.
  2. Using the personal information gathered, the attacker will then contact the victim’s mobile carrier and pose as the victim. The attacker will request that the victim’s phone number be transferred to a new SIM card in the attacker’s possession.
  3. If the attacker is successful the mobile carrier will transfer the victim’s phone number and deactivate the victim’s SIM card.
  4. With the victim’s phone number on the attacker’s SIM card, the attacker can access any accounts that rely on the victim’s phone number for authentication. This includes bank accounts, social media accounts, and cryptocurrency exchange accounts.
  5. Once the attacker has gained access to the victim’s cryptocurrency exchange account, the attacker can transfer cryptocurrency out of the victim’s account to their own.

Thus, the end result of Sim Swap attacks is always the same – the attacker gains control of the victim’s phone number and uses it to access sensitive information and steal funds. This type of attack is particularly dangerous when it comes to cryptocurrency security, as cryptocurrency exchanges often rely on SMS-based 2FA to authenticate transactions.

The Impact of Sim Swap on Cryptocurrency Security

Sim Swap attacks pose a significant threat to the security of cryptocurrency exchanges and the funds stored within them. This is because many cryptocurrency exchanges rely on SMS-based two-factor authentication (2FA) as a way to confirm transactions and protect user accounts.

However, when an attacker gains control of a victim’s phone number through a Sim Swap attack, they can bypass 2FA and gain access to the victim’s cryptocurrency exchange account. Further, the attacker can transfer cryptocurrency out of the victim’s account to their own.

It’s important to note that Sim Swap attacks are not limited to individuals who hold large amounts of cryptocurrency. In fact, anyone with a mobile phone number can be targeted by Sim Swap attackers. This means that even individuals with small amounts of cryptocurrency in their exchange accounts are at risk.

What can be done to protect against Sim Swap attacks and safeguard cryptocurrency funds?

One solution is to use more secure forms of 2FA, such as hardware tokens or biometric authentication. These methods are more difficult to bypass than SMS-based 2FA, and provide an additional layer of security against Sim Swap attacks.

It’s also important to be vigilant and cautious with personal information. Never give out personal information over the phone or through email, and be cautious of unsolicited messages or calls. When possible, use a virtual private network (VPN) or secure internet connection to access online accounts.

Another way to protect against Sim Swap attacks is to use a mobile carrier that offers additional security features, such as a PIN or password requirement for SIM card changes. These additional security measures can make it more difficult for attackers to successfully carry out a Sim Swap attack.

Best Practices for Protecting Against Sim Swap Attacks and Safeguarding Cryptocurrency Funds

  1. Use a Hardware Wallet

One of the best ways to protect your cryptocurrency funds from Sim Swap attacks is to use a hardware wallet. Hardware wallets are physical devices that store your private keys offline, making them much more secure than online wallets or exchanges. By using a hardware wallet, you eliminate the risk of your private keys being stolen through a Sim Swap attack.

  1. Enable Two-Factor Authentication

Enabling two-factor authentication (2FA) on all of your cryptocurrency accounts is another effective way to protect against Sim Swap attacks. However, it’s important to use a method of 2FA that is not reliant on your phone number, such as a hardware token or an app-based 2FA system.

  1. Use a Virtual Private Network (VPN)

Using a virtual private network (VPN) can also help protect against Sim Swap attacks. A VPN encrypts your internet traffic and masks your IP address, making it more difficult for attackers to identify and target you.

  1. Limit Personal Information on Social Media

Limiting the amount of personal information you share on social media can also help protect against Sim Swap attacks. Attackers often use social engineering tactics to gather personal information about their targets, which they can then use to carry out a Sim Swap attack. By limiting the amount of personal information you share online, you make it more difficult for attackers to target you.

  1. Monitor Your Accounts

Regularly monitoring your cryptocurrency accounts for any unauthorized activity is another important step in protecting against Sim Swap attacks. If you notice any unusual activity, such as unexpected withdrawals or transfers, you should immediately take steps to secure your accounts and contact your exchange or wallet provider.

What to Do If You’ve Been the Victim of a Sim Swap Attack

Despite taking all the necessary precautions, it’s still possible to fall victim to these types of attacks. If you suspect that you’ve been the victim of a Sim Swap attack, there are several steps you should take immediately to minimize the damage.

  1. Contact Your Mobile Carrier

The first thing you should do if you suspect that you’ve been the victim of a Sim Swap attack is to contact your mobile carrier. Explain the situation and ask them to disable your SIM card and issue a new one. You should also ask your mobile carrier to put a PIN on your account to prevent unauthorized changes in the future.

  1. Contact Your Cryptocurrency Exchange or Wallet Provider

Next, you should contact your cryptocurrency exchange or wallet provider and let them know what has happened. They will likely have their own security protocols in place to protect your account and funds. They may also be able to reverse any unauthorized transactions and restore your funds.

  1. Change Your Passwords and Enable 2FA

After you’ve contacted your mobile carrier and cryptocurrency exchange or wallet provider, it’s important to change your passwords and enable 2FA on all of your accounts. This will help prevent any further unauthorized access to your accounts.

  1. Monitor Your Accounts and Credit Report

You should also closely monitor all of your accounts for any unauthorized activity, and check your credit report for any unusual activity. If you notice any suspicious activity, you should immediately contact your bank and report the fraud.

  1. Report the Incident to Law Enforcement

Finally, you should report the incident to your local law enforcement agency. Sim Swap attacks are illegal, and reporting the incident can help prevent the attacker from targeting others in the future. You should provide as much information as possible, including any evidence you have, such as call logs or text messages.

Thus, being the victim of a Sim Swap attack can be a very stressful and frustrating experience. However, by taking immediate action and following these steps, you can minimize the damage and protect yourself against future attacks. Remember to always take proactive steps to protect your personal information and cryptocurrency funds.

 

 

Government Sim Swap Resources:

We stay up to date and track cases involving phishing attacks and sim swap affecting major cryptocurrency exchanges and mobile operators:

One of the largest cellphone carriers in the United States is facing yet another lawsuit by a digital currency investor over SIM swap fraud. T-Mobile failed in its duty to protect its users and resulted in the plaintiff’s loss of $55,000 worth of BTC, according to the lawsuit filed in Pennsylvania.

I am victim of a SIM Swap scam. Both T-Mobil and Coinbase.com where negligent and failed to protect me. I have all the evidence to prove my case.

An 84-year-old grandmother living in West Palm Beach started investing in cryptocurrency to help save up for her family’s future. Then, nearly all of the money she put into cryptocurrency vanished after she claims a hacker got into her accounts and drained it of about $800,000.

Coinbase users have filed 134 pages of complaints to the SEC alleging that their funds have been “stolen” by the exchange

Yesterday, Kevin Frye filed a complaint in the Southern District of Florida against T-Mobile USA, Inc. for allegedly conducting a “SIM-Swap” without his consent, resulting in the loss of tens of thousands of dollars worth of cryptocurrency. The plaintiff claimed that “T-Mobile Representatives were either complicit with the theft or grossly negligent” since they have been on “notice for years that their security measures were not adequate.”

A Pennsylvania woman who lost the equivalent of $20,000 in cryptocurrency as part of a mobile fraud scheme says T-Mobile failed to protect her account in the face of a wave of similar incidents.

Nine months before scammers stole $20,000 from Kesler’s Coinbase account, the suit argues, Jack Dorsey was the victim of another high profile SIM swap, in which outsiders seized control of the Twitter CEO’s information. Security journalist Brian Krebs also covered the issue in 2018, specifically reporting that a T-Mobile retail store employee was under investigation for making an unauthorized SIM swa

A man is suing Gemini, claiming it was negligent not to notice significant sums of money moved from his money market account to buy cryptocurrency on the exchange over seven days. While the trader was out of reach in the Australian outback, someone allegedly stole money from his CIT account and wired it to Gemini to purchase crypto. Later, he noticed fraudulent activity on his accounts with other banks, and is suing CIT in addition to Gemini, claiming it violated the Electronic Funds Transfer A

Hackers stole $21 million in Bitcoin and $15 million in Ethereum from retirement accounts held with IRA Financial Trust on February 8, according to a report from Bloomberg based on an anonymous source.

Interviews and thousands of complaints have revealed a pattern of account hacks where users have reported money vanishing from their accounts, reports CNBC. Once criminals gain access to an account, funds can be drained within minutes.

My account that my mom and I use together got hacked in June of this year. We lost $350,000.The hacker not only transferred out all of the crypto we owned, they used the bank accounts that were linked to purchase more. When we found out about the hack, we called our banks to stop the transfer of money. We also immediately contacted Coinbase to report the hack. However, Coinbase still let the purchase go through while the bank transactions were pending. Now, Coinbass is claiming that because we stopped our banks from transferring the money, we owe them $10,000 to reimburse them for the purchase.

California-headquartered crypto trading platform Coinbase—has been named in at least 115 complaints sent to the U.S. Securities and Exchange Commission and the California Department of Business Oversight

“I believe Coinbase has engaged in fraud by knowingly marketing a service it knows it cannot actually provide,” the filing from November last year read, adding: “Coinbase knows it does not have the infrastructure to timely and adequately meet customer needs.” At the time, bitcoin and other virtual currencies were rocketing in value, leading to an unprecedented interest from eager new investors.

It took only two minutes for the attacker to clean Sean Everett out of what was then a few thousand dollars’ worth of digital coins from his Coinbase wallet

Author Jeff Roberts said $250,000 was stolen from Coinbase in 2013/2014. Roberts claims Coinbase’s hot wallet was hacked just a year after the company’s inception in 2012, and that the hacker made away with $250,000 worth of Bitcoin

Olympia and Steve Kallman of Parma said they are dealing with some sleepless nights after police reported they had more than $22,000 taken by con artists from their Coinbase cryptocurrency virtual wallet back on Aug. 16.

T-Mobile is facing a multi-million dollar lawsuit after hackers were able to gain unauthorized access to a client’s account. Using information provided by the cellular company, hackers successfully bypassed their two-factor authentication security measures enabling them to obtain a SIM card with the client’s personal and financial information. $8.7 million in cryptocurrency was ultimately transferred out of the customer’s account.

T-Mobile has been hit with a multi-million-dollar lawsuit after Reginald Middleton lost millions of dollars when hackers gained unauthorized access to his account. The hackers used information supplied by T-Mobile to successfully circumvent the two-factor authentication measure, which allowed them to obtain a SIM card containing all of Middleton’s financial and personal information. Ultimately, $8.7 million in cryptocurrency was transferred out of Middleton’s account.

Richard Harris, the customer and plaintiff, is alleging T-Mobile’s misconduct including its failure to adequately protect customer information, hire appropriate support staff and its violation of federal and state laws led to his loss of 1.63 bitcoin.

Last night while I was sleeping my account was logged into (web) from Russia…

The Vidovics lost nearly $170,000 in the blink of an eye when someone hacked their Coinbase account.

John said his accounts with Coinbase and Coinbase Pro were emptied as he watched his phone screen.

….an increasing number of users of the currently highly popular cryptocurrency exchange called Coinbase have suddenly found their accounts on the platform empty. This is after hackers have managed to gain access to them and thoroughly drain their cryptocurrency wallets.

League of Legends superstar has had $200,000 in cryptocurrency stolen from them – directly from their Coinbase account

…an unauthorized user had changed Ms. Maguian’a passwords for trading platforms… Coinbase and initiated transactions that emptied her accounts of crypto valued at around $80,000 at the time

The Eleventh Circuit Court of Appeals ruled today that the class action against Coinbase…will be held in open court. The case in question alleges that Coinbase assisted in laundering around $8.2 mln of stolen Bitcoin (BTC) – valued at over $100 mln today.

The Vidovics lost nearly $170,000 in the blink of an eye when someone hacked their Coinbase account.

Dr. Anders Apgar, a Coinbase customer, said his account had a balance of more than $100,000 in crypto when it was hacked during a robocall.

I had $14,000+ USD in my coinbase pro account. The account was hacked at the money was switched over to crypto and sent to multiple people this occured several hours ago (05/14/2021). Case # 06082303

Tampa resident David Bryant knew something was wrong last October when he found Coinbase notifications deleted from his account and his login no longer worked. “I lost about $15,000 dollars worth of crypto,” David said.

A Texas man is suing Coinbase, the cryptocurrency trading platform. The man alleges his Coinbase account was breached to make a $50,000 unauthorized transaction. He says at least 1,000 other Coinbase accounts have also been breached.

A new report finds that Russia was linked to the majority of crypto ransomware invasions, siphoning the equivalent of $400 million in stolen funds to illicit addresses in that country. It appears Russia has strong ties to the majority of crypto hacks and cybercrimes, especially when you consider that 74% of ransomware revenue in 2021 — over $400 million worth of  cyptocurrency — went to accounts affiliated with the country in some way, according to a new report from cryptocurrency tracking and analytics firm, Chainalysis.

Case #05530638, #05542432. This all happened 4/15/21-4/16/21. How can I talk with someone from coinbase? I am so frustrated that someone stole my Bitcoin, ETH, and transferred $500 from my bank account and stole that too from my coinbase… Total almost $12,000. I am trying to understand what is going on and now I am completely blocked out of coinbase. I want answers!

An increasing number of users of the highly popular cryptocurrency exchange Coinbase have found their accounts on the platform empty after hackers managed to gain access to them and drain their cryptocurrency wallets.

Raza says Coinbase, the cryptocurrency exchange where he was robbed, has not been able to provide a solution and he thinks they need to step up security protocols.

 In four minutes, cyber looters pilfered $34,123 worth of virtual currency from a Virginia resident’s Coinbase (COIN) account, the 38-year-old told Yahoo Finance.

I received several txts last night sending me a 2fa code. I woke up and my bitcoin was transferred at 230am to some address. Any idea what happened? Was it my cell phone provider? Seems fishy to me since I could not detect any threats my phone. No idea how the culprit read my txt messages but oh well.

I am an active user of CoinBase and somehow my account was breached even with 2FA enabled. The hackers stole all of the coins in my account by converting them to BTC and sending them to their wallet. They then deposited $1k USD and purchased BTC using my debit card and stole it before I could lock my account down.

Taking my case to reddit. My account was hacked approximately 3 weeks ago and .50 BTC (approximately $23k USD) was stolen from my account. In summary, I decided to log into my account one day to check in on the balance. A hacker had locked my account out.

…hackers managed to get into the accounts and move funds off the platform, draining some accounts dry. Thousands of customers had already begun to complain to Coinbase that funds had vanished from their accounts…Coinbase did not disclose how much cryptocurrency was stolen in the attack.

CNBC interviewed Coinbase users across the country. The interviews and complaints revealed a pattern of account takeovers, where users see money suddenly vanish from their account, followed by poor customer service from the company. Since 2016, Coinbase users have filed more than 11,000 complaints against Coinbase with the Federal Trade Commission and Consumer Financial Protection Bureau, mostly related to customer service.

An increasing number of users of the highly popular cryptocurrency exchange Coinbase have found their accounts on the platform empty after hackers managed to gain access to them and drain their cryptocurrency wallets.

Loads of scams out there. Remember Coinbase does not support chat. You will never speak with a Coinbase employee.

I have been trying to contact Coinbase support since Thursday when I saw $25k BTC sold from my wallet without my consent and could not receive any assistance at all from Coinbase to protect my investment.

It was 10.6 bitcoins held in the wallet service Coinbase, the most well-funded and widely implemented service on the market.

All your money is gone. Whoops! Sorry for your loss. Some Coinbase account holders are losing their shit today as they look to their bank statements to find that the exchange has withdrawn excessive amounts of money from their accounts.

California-headquartered crypto trading platform Coinbase—has been named in at least 115 complaints sent to the U.S. Securities and Exchange Commission and the California Department of Business Oversight

“I believe Coinbase has engaged in fraud by knowingly marketing a service it knows it cannot actually provide,” the filing from November last year read, adding: “Coinbase knows it does not have the infrastructure to timely and adequately meet customer needs.” At the time, bitcoin and other virtual currencies were rocketing in value, leading to an unprecedented interest from eager new investors

Yesterday, Kevin Frye filed a complaint in the Southern District of Florida against T-Mobile USA, Inc. for allegedly conducting a “SIM-Swap” without his consent, resulting in the loss of tens of thousands of dollars worth of cryptocurrency. The plaintiff claimed that “T-Mobile Representatives were either complicit with the theft or grossly negligent” since they have been on “notice for years that their security measures were not adequate.”

A Pennsylvania woman who lost the equivalent of $20,000 in cryptocurrency as part of a mobile fraud scheme says T-Mobile failed to protect her account in the face of a wave of similar incidents.

Nine months before scammers stole $20,000 from Kesler’s Coinbase account, the suit argues, Jack Dorsey was the victim of another high profile SIM swap, in which outsiders seized control of the Twitter CEO’s information. Security journalist Brian Krebs also covered the issue in 2018, specifically reporting that a T-Mobile retail store employee was under investigation for making an unauthorized SIM swap.

Mr. Harris sued T-Mobile in July, alleging the company’s practices didn’t meet federal standards and allowed a hacker to take over his phone number in 2020 and steal bitcoin worth nearly $15,000 at the time, and more now.

T-Mobile declined to comment on the suit but motioned to move the case to arbitration. Like Verizon and AT&T, the company requires arbitration to resolve disputes in its terms of service, often leading to closed-door settlements.

Hackers stole the personal identification data for millions of past, present and prospective T-Mobile customers, leading to a huge class-action lawsuit.

Losing cellphone service is inconvenient. But in some cases, it also might mean you’re getting hacked.

“It’s a whole new wave of crime,” said Erin West, the deputy district attorney of Santa Clara County. “It’s a new way of stealing of money: They target people that they believe to have cryptocurrency,” she told CNBC.

Just when you think the massive T-Mobile hack can’t get any worse, on Friday the carrier announced that over 50 million people, including current and former customers as well as prepaid customers, were affected by the breach. Information like Social Security numbers, driver’s licenses and account PINs were exposed.

Cellphone carrier T-Mobile is being sued over allegations it failed to safeguard against a SIM swap scam that cost one customer $55,000 in lost.

The CEO of a crypto firm that recently settled with the SEC over its 2017 ICO is suing T-Mobile over a series of SIM-swaps that resulted in the loss of $8.7 million worth of crypto.

The suit accuses T-Mobile of having “abjectly failed” in its responsibility to protect the personal and financial information of its customers.

A victim of a crypto theft using SIM-swap attack has filed a lawsuit against T-Mobile, alleging the failure and negligence on the part of the US cell phone carrier in preventing these scams.

“This action arises out of T-Mobile’s systemic and repeated failures to protect and safeguard its customers’ highly sensitive personal and financial information against common, widely reported, and foreseeable attempts to illegally obtain such information,” the lawsuit alleged.

T-Mobile is currently facing a complaint against one of the victims of SIM swapping, a type of fraud.

Cheng believed that the attack would not have happened if not for “T-Mobile‘s negligent practices and its repeated failure to adhere to federal and state law.”

T-Mobile is facing yet another SIM swapping complaint involving cryptocurrency theft. Last week, a Philadelphia man named Richard Harris filed a complaint in the Eastern District of Pennsylvania against the wireless giant alleging he lost approximately $55,000 worth of Bitcoin due to the company’s failure to safeguard his account

The sim was successfully swapped which means that either it was done without the pin or the person knew the pin. Again, this is only possible if it was a T-Mobile employee and most likely one of the employees that help a month prior during the line add and upgrade.

When it comes to security or whatever it is leave T-Mobile. It is insider job someone is doing sim swaps.

T-Mobile confirmed this week that it was hit by a “highly sophisticated cyberattack” that exposed names, dates of birth, Social Security numbers and driver’s license information for more than 40 million consumers who had applied for credit with T-Mobile.

After a crazy week where T-Mobile handed over my phone number to a hacker twice, I now have my T-Mobile, Google, and Twitter accounts back under my control. However, the weak link in this situation remains and I’m wary of what could happen in the future.

American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. SIM swap fraud (or SIM hijacking) allows scammers to take control of targets’ phone numbers after porting them using social engineering or after bribing mobile operator employees to a SIM controlled by the fraudsters.

Yesterday, someone went into a T-Mobile retail store used a fake California Drivers License to buy a copy of my SIM card.

And now for the crazy chain of events, where T-mobile allowed a complete stranger to do a SIM swap on me, and Coinbase allowed a complete stranger to change my Coinbase identity with no questions asked.

Silver Miller said that “with little more than a persuasive plea for assistance, a willing telecommunications carrier representative, and an electronic impersonation of the victim,” criminals can manage to steal millions of dollars targeting unsuspecting victims.

Hackers swapped my T-Mobile SIM card without my approval and methodically shut down access to most of my accounts and began reaching out to my Facebook friends asking to borrow crypto.

Coinbase has admitted that hackers stole crypto from thousands of its users’ accounts over a three-month period.

Bad actors were able to infiltrate the accounts of and steal cryptocurrency from around 6,000 Coinbase customers by exploiting a multi-factor authentication flaw.

Matthew doesn’t know how the hackers were able to access his Coinbase account, but he remembered that when he signed up with Coinbase, they advertised they had insurance.

My binance account was hacked a day before. All my funds were converted into ETC and withdrawn from binance. I received no confirmation mail for withdrawals too. All security steps – login password, 2FA, confirmation mail were compromised.

I don’t know how people can do this? I used strong password and also use all security option but no result this bloody f**king person got access my account.

The world’s crypto market turned red as rumours about Binance, the world’s most traded cryptocurrencies exchange, being hacked began circulating on the web yesterday morning. Some users reported that their alts on Binance were “market sold” at a loss and balances drained.

Yesterday, BeanThe5th made a thread in the popular /r/cryptocurrency subreddit, regarding a theft that has occurred on his or her Binance account. Many users who saw this Reddit thread were quite surprised, as it has become common knowledge that Binance is one of the most reputable and secure exchanges that exist.

Hackers have stolen $570 million from a blockchain linked with Binance. The largest crypto exchange has had to temporarily halt the operation of its Binance Smart Chain after the exploit.1 Since the hack, Binance Coin’s (BNB) price has also dropped noticeably, with the token down 3.5% in the last 24 hours. At the time of writing, it is trading at $281.

Hackers just stole $40 million worth of bitcoin from Binance, one of the largest cryptocurrency exchanges in the world. It’s hardly the first time crypto has been targeted by thieves. For a technology that’s supposed to be hyper secure, in practice, it’s often proven itself to be, well, not.

Binance, the world’s biggest cryptocurrency exchange, is investigating a hacking incident that affected a number of crypto tokens Friday. According to its founder and CEO Changpeng Zhao, a private key, used to encrypt or decrypt data, had been hacked.

“Initial analysis is developer private key was hacked, and the hacker updated the smart contract to a more malicious one,” Zhao said on Twitter, adding that the Ankr and Hay tokens were affected.

On Tuesday, May 7, Binance, the world’s largest cryptocurrency exchange, announced that malicious actors had compromised user application programming interface (API) keys and two-factor authentication (2FA) codes, enabling them to access the company’s hot wallet and steal more than 7,000 bitcoin (BTC).

Cryptocurrency exchange Binance temporarily suspended its blockchain network after hackers made off with around $570 million worth of its BNB token.

Hello, I have been impersonated and sim swapped, they hacked my emails, twitter, facebook, exchanges, literally everything including binance, which they stole 2 btc (daily limit) from today and will steal more if the account isn’t frozen by tomorrow. They logged in and somehow disabled my google authenticator and I cannot get into my account, microsoft is working on giving me the hacked email back that is related to binance but they say it will take 3 days to escalate the ticket. In 3 days the hackers will have already taken my entire balance so I really need the binance account frozen now before they can steal more.

My account was compromised with multiple security layers on it. Google 2FA and Email Authentication which i both had on it. My google 2FA was on a device only for my google authentication apps, I take necessary steps to prevent hacks & The crazy thing is i always receive emails when anything is changing or so on so when the hack was happening binance did not not alert my email or anything. All my securities was reset and email was changed.

Someone made a withdrawal on my Binance account when I was sleeping last night and took all my money away. My Binance account had 2FA on and everything was safe and secure but somehow the hacker managed to hack it and withdrew all my holdings out. Binance support does not have a hacked feature, so it’s pissing me off. Is there anyway that I can get it back? This is all my life savings.

Crypto exchange Gemini Trust Co. lacked proper safeguards that resulted in retirement-account holders losing around $36 million in Bitcoin and Ether when the master key got hacked, IRA Financial Trust said in a new lawsuit.

Then, on Tuesday of this this week, someone posted the entire stolen database for free on Breach Forums. It’s unclear whether this individual previously attempted to sell the database but was unsuccessful, covertly purchased it, or otherwise obtained it through some other means. We also still don’t know when the data breach occurred, though the second post attempting to sell the database claimed it was obtained in September.

Regardless, the personal information of Gemini’s 5.7 million customers is now publicly available online.

San Francisco resident Robert Ross, a father of two, noticed his phone suddenly lose its signal on Oct. 26. Confused, he went to a nearby Apple store and later contacted his service provider, AT&T. But he wasn’t quick enough to stop a hacker from draining $500,000 from two separate accounts he had at Coinbase and Gemini, according to Santa Clara officials.

My account on Gemini was hacked. My password and email address on Gemini were both changed. I have been trading on Gemini for 4 years. Gemini now claims that there is no account at Gemini with my email. I have a ton of USD in my Gemini account and they will not even confirm that the funds are frozen. There is no person

 

This article is provided for your convenience and does not constitute legal advice. The information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Prior results do not guarantee a similar outcome.

Other Resources

ALL ARTICLES

Our Founding Partner

/

Max (Maksim) Dilendorf, Esq.

Max (Maksim) Dilendorf’s legal practice is laser-focused on digital assets and cyber-crime cases, a domain he has passionately pursued since 2017. Over the past 7 years, Max built a distinct digital asset law practice, dedicating tens of thousands of hours to managing diverse client cases, research and engaging ...

Learn More about Max (Maksim) Dilendorf, Esq.
Max (Maksim) Dilendorf, Esq.

Adam Pollock

Adam is one of the nation’s leading young whistleblower lawyers.  He brings with him a special ability not just to litigate, but to investigate – and understand – complex organizations and transactions.  His extensive familiarity with tech issues is built on a computer science degree and work as a ...

Learn More about Adam Pollock
Adam Pollock

Bari Zahn, Esq.

Bari Zahn has nearly 20 years of experience practicing at global law firms in New York. Bari has represented a broad array of multinational clients on U.S. and cross-border transactions. She has supervised legal teams worldwide and has extensive management experience as the Founder, former CEO and General ...

Learn More about Bari Zahn, Esq.
Bari Zahn, Esq.

Steve Cohen

Steve contributes extensive business and problem-solving experience to challenges that may require litigation – or may help avoid it.  Indeed, his perspective on litigation is influenced by his experience as a three-time internet start-up CEO.

Steve served on Ronald Reagan’s 1980 presidential campaign ...

Learn More about Steve Cohen
Steve Cohen

Robin Gerofsky Kaptzan, Esq.

A New York licensed attorney with three decades of legal and business experience in the U.S. and Asia, Robin recently joined the law firm as a partner and leads the Asia-Pacific practice.

While acting as an international business lawyer and global corporate general counsel, Robin is sought out by clients ...

Learn More about Robin Gerofsky Kaptzan, Esq.
Robin Gerofsky Kaptzan, Esq.

Craig S. Redler

Craig S. Redler has held positions with Amicorp in its offices in Auckland New Zealand and Miami Florida, and Southpac Trust International, Inc. with offices in the Cook Islands and Tauranga New Zealand. His responsibilities included serving as Trustee for off-shore trusts settled by high net-worth clients ...

Learn More about Craig S. Redler
Craig S. Redler

Pamela A. Fuller, Esq.

Pamela A. Fuller is a corporate and international tax attorney, with over two decades of experience.  She advises a wide range of clients–including private and public companies, joint ventures, private equity and hedge funds, C-Suite executives, private U.S and foreign individual clients, and government ...

Learn More about Pamela A. Fuller, Esq.
Pamela A. Fuller, Esq.