SIM swapping – Page 4 – Computer Security Articles

A Closer Look at the LAPSUS$ Data Extortion Group

March 23, 2022 admin A Little Sunshine, Ne'er-Do-Well News, SIM swapping

Credit to Author: BrianKrebs| Date: Wed, 23 Mar 2022 22:00:43 +0000

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here’s a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.

Independent Krebs

Lawmakers Prod FCC to Act on SIM Swapping

January 9, 2020 admin Ajit Pai, anna eshoo, edward markey, FCC, Michael Terpin, Nicholas Truglia, Ron Wyden, sherrod brown, SIM swapping, ted lieu, U.S. Federal Communications Commission, yvette clarke

Credit to Author: BrianKrebs| Date: Thu, 09 Jan 2020 19:44:55 +0000

Crooks have stolen tens of millions of dollars and other valuable commodities from thousands of consumers via “SIM swapping,” a particularly invasive form of fraud that involves tricking a target’s mobile carrier into transferring someone’s wireless service to a device they control. But the U.S. Federal Communications Commission (FCC), the entity responsible for overseeing wireless industry practices, has so far remained largely silent on the matter. Now, a cadre of Senate lawmakers is demanding to know what, if anything, the agency might be doing to track and combat SIM swapping.

MalwareBytes Security

TrickBot adds new trick to its arsenal: tampering with trusted texts

September 3, 2019 admin 2fa, account takeover fraud, ATO, Authy, C&C, Dell Secureworks, dynamic webinject, dyreza, emotet, Eternal Romance, EternalBlue, EternalChampion, Gold Blackburn, Google Authenticator, hasherezade, point-of-sale, port-out fraud, pos, SIM hijacking, SIM swapping, Sprint, T-Mobile, thetrick, trickbot, trickloader, trickster, Trojan.TrickBot, trojans, two-factor authentication, Verizon Wireless

Credit to Author: Jovi Umawing| Date: Tue, 03 Sep 2019 15:26:01 +0000

TrickBot’s latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.

Categories:

Trojans

Tags: 2fa account takeover fraud ATO Authy C&C Dell Secureworks dynamic webinject dyreza emotet Eternal Romance EternalBlue EternalChampion Gold Blackburn Google Authenticator hasherezade point-of-sale port-out fraud POS SIM hijacking SIM swapping Sprint T-Mobile thetrick trickbot trickloader trickster Trojan.TrickBot two-factor authentication Verizon Wireless

Independent Krebs

Who Owns Your Wireless Service? Crooks Do.

August 7, 2019 admin A Little Sunshine, Aaron Mackey, Andy Greenberg, AT&T, eff, Electronic Frontier Foundation, Federal Communications Commission, Gigi Sohn, Google Voice, Nicholas Truglia, robocalls, SIM swapping, The Coming Storm, wired

Credit to Author: BrianKrebs| Date: Wed, 07 Aug 2019 22:43:58 +0000

Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists. If you are somehow under the impression that you — the customer — are in control over the security, privacy and integrity of your mobile phone service, think again. And you’d be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

Independent Krebs

The Unsexy Threat to Election Security

July 25, 2019 admin Latest Warnings, REACT Task Force, Samy Tarazi, San Mateo County, SIM swapping, The Coming Storm, Yubico

Credit to Author: BrianKrebs| Date: Thu, 25 Jul 2019 17:01:41 +0000

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.

Independent Krebs

Account Hijacking Forum OGusers Hacked

May 18, 2019 admin A Little Sunshine, Ace, Ne'er-Do-Well News, ogusers, Omnipotent, RaidForums, SIM swapping

Credit to Author: BrianKrebs| Date: Sat, 18 May 2019 13:44:20 +0000

Ogusers[.]com — a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims’ phone numbers — has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 forum users.

Independent Krebs

More Alleged SIM Swappers Face Justice

February 5, 2019 admin Ahmad Wagaafe Hared, Dawson Bakies, Joel Ortiz, Matthew Gene Ditman, Ne'er-Do-Well News, Nicholas Truglia, ogusers, SIM swapping, winblo, Xzavyer Narvarez

Credit to Author: BrianKrebs| Date: Wed, 06 Feb 2019 05:50:07 +0000

Prosecutors in Northern California have charged two men with using unauthorized SIM swaps to steal and extort money from victims. One of the individuals charged allegedly used a hacker nickname belonging to a key figure in the underground who’s built a solid reputation hijacking mobile phone numbers for profit. According to indictments unsealed this week, Tucson, Ariz. resident Ahmad Wagaafe Hared and Matthew Gene Ditman of Las Vegas were part of a group that specialized in tricking or bribing representatives at the major wireless providers into giving them control over phone numbers belonging to people they later targeted for extortion and theft.

Independent Krebs

Hanging Up on Mobile in the Name of Security

August 16, 2018 admin A Little Sunshine, Allison Nixon, AT&T, Flashpoint, Google Voice, instagram, Joel Ortiz, Michael Terpin, Ne'er-Do-Well News, ogusers, SIM swapping, Sprint, T-Mobile, The Coming Storm, Time to Patch, Twitter, Verizon

Credit to Author: BrianKrebs| Date: Thu, 16 Aug 2018 17:01:36 +0000

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like these are prompting some experts to say the surest way to safeguard one’s online accounts may be to disconnect them from the mobile providers entirely.