Such developments have sparked responses from the wireless industry and regulators.
In the highest-profile example of SIM hacking, 22-year-old Nicholas Truglia hijacked the phone number of a cryptocurrency investor and was able to steal $23 million from him. After all, consumers' phone numbers are often used for two-factor authentication for access to online services. The new SIM is held by the hacker, who can then use it to access the rightful owner's account, change passwords and steal what can be stolen.
#Verizon 4g sim card hack software
The entire situation shines a spotlight on the security problems surrounding "SIM swapping." Unlike physically replacing SIM cards in cellphones, SIM swapping is done remotely by using software to assign an existing phone number to a new SIM card.
#Verizon 4g sim card hack install
For example, Vice reported about hackers who convinced carrier employees to install software that then gives the hackers access to multiple customer accounts. Perhaps more worrisome, not all fraudulent SIM swaps are one-off cases of identity theft. The next step is to call the carrier and request a SIM swap. If the call happens to be from a prepaid account, the hacker has hit the jackpot because they can go to a convenience store, buy a refill card for a few dollars and then use it to refill that victim's account. They can text multiple people fake offers that seem too good to refuse, until one person calls back. How can researchers (and hackers) get access to a victim's call history and payment history? By manipulating it. The researchers had done their homework and in most cases were able to answer these questions correctly. Then the carriers asked for other forms of authentication, like most recently called numbers and most recent payments. When the carriers tried to authenticate the customers by texting personal identification numbers (PINs), the "customers" acted confused and said the wrong PIN numbers, because of course they had not received the texts. Verizon, AT&T and T-Mobile each received ten calls from the researchers, who posed as customers.Īstoundingly, in all 30 cases the fake customers successfully convinced the carriers to move the numbers to new SIM cards. Researchers at Princeton University called three of the four major carriers and tried to convince customer service representatives to move phone numbers to new SIM cards. Several new studies have found that hackers can convince wireless carriers' customer service agents to port legitimate phone numbers to bogus accounts - a practice that can then open that account up to fraud and theft.
0 kommentar(er)
