By CCN: SIM hijackers aiming to steal bitcoin and other cryptocurrencies are getting bolder and more daring. No longer are they just going for the soft targets but are now even pursuing the technologically adept and sophisticated.
One such victim is the engineering manager at cryptocurrency custodian BitGo, Sean Coonce. In a bold move, the blockchain engineer has publicly revealed that attackers stole bitcoin worth more than $100,000 from his Coinbase account. The attackers managed this over a period of 24 hours while carefully concealing any evidence that something was amiss.
Coonce dubbed the incident which occurred last week the ‘single most expensive lesson’ of his life.
My personal identity was hacked last week. The attacker was able to steal $100k+ in a sweep of my Coinbase account. I'm equal parts embarrassed, hurt, and deeply remorseful.
In an effort to raise awareness about the attack, I wrote about it here: https://t.co/ZnbB0AN6Gd
— Sean Coonce (@cooncesean) May 20, 2019
Blow by Blow Account of Bitcoin Sim Hijacking
According to Coonce, the attacker first ported his SIM card to a device they controlled last week Tuesday. The blockchain engineer only realized this after he lost cellular service while using his smartphone. Soon after he was prompted to sign in to his Google account but he was unsuccessful in his attempts.
Coonce reveals how the SIM attack played out. | Source: Medium/Sean Coonce
Meanwhile, the attacker had initiated the password recovery process for Coonce’s Coinbase account. The password reset link could only be sent after 24 hours, however. After initiating this process, the attacker deleted the email correspondence with Coinbase leaving no evidence of what had transpired.