Even with considerable security precautions in place, Twitter CEO Jack Dorsey became the victim of an embarrassing compromise when attackers took control of his account on the platform by hijacking his telephone number.
Dorsey became the latest target of so-called “SIM swap” fraud, which enables a fraudster to trick a mobile carrier into transferring a number — potentially causing people to lose control not only of social media, but bank accounts and other sensitive information.
This type of attack targets a weakness in “two-factor authentication” via text message to validate access to an account, which has become a popular break-in method in the past few years.
Twitter on Friday last week said that the account was restored after a brief time in which the attackers posted a series of offensive tweets.
However, Ori Eisen, founder of Arizona-based security firm Trusona, which specializes in authentication without passwords, said that the rapid fix should not be seen as an answer to the broad problem of SIM card swap fraud.
“The problem is not over,” Eisen said, adding that these kinds of attacks have been used to take over other high-profile social media accounts and for various kinds of fraud schemes.
It was not clear how many people are attacked in this manner, Eisen said, but added that automated technology could create billions of calls that lure people into giving up information or passwords.
Some analysts have said that hackers have found ways to easily get enough information to get a telecom to transfer a number to a fraudster’s account, especially after hacks of large databases that result in personal data sold on the so-called “dark Web.”
“Mobile accounts’ text messages can be hijacked by sophisticated hardware techniques, but also by so-called ‘social engineering’ — convincing a mobile provider to migrate your account to another, unauthorized phone,” said R. David Edelman, a former White House adviser who heads a cybersecurity research center at the Massachusetts Institute of Technology. “It only takes a few minutes of confusion to make mischief like Dorsey experienced.”
Thousands of these attacks have been reported in countries where mobile payments are common, including in Brazil, Mozambique, India and Spain.
Researchers at security firm Kaspersky have said that security systems by many mobile operators “are weak and leave customers open to SIM swap attacks,” especially if the attackers are able to gather information such as birth dates.
In a blogpost, Kaspersky researchers Fabio Assolini and Andre Tenreiro said that some cases come from cybercriminals paying off corrupt employees of mobile carriers — for as little as US$10 to US$15 per victim.
“The interest in such attacks is so great among cybercriminals that some of them decided to sell it as a service to others,” they wrote.
In Brazil, some criminals have taken over victims’ WhatsApp accounts, using it to ask the person’s friends for “urgent payment,” they added.
Republican US lawmakers on Friday criticized US President Joe Biden’s administration after sanctioned Chinese telecoms equipment giant Huawei unveiled a laptop this week powered by an Intel artificial intelligence (AI) chip. The US placed Huawei on a trade restriction list in 2019 for contravening Iran sanctions, part of a broader effort to hobble Beijing’s technological advances. Placement on the list means the company’s suppliers have to seek a special, difficult-to-obtain license before shipping to it. One such license, issued by then-US president Donald Trump’s administration, has allowed Intel to ship central processors to Huawei for use in laptops since 2020. China hardliners
Conjoined twins Lori and George Schappell, who pursued separate careers, interests and relationships during lives that defied medical expectations, died this month in Pennsylvania, funeral home officials said. They were 62. The twins, listed by Guinness World Records as the oldest living conjoined twins, died on April 7 at the Hospital of the University of Pennsylvania, obituaries posted by Leibensperger Funeral Homes of Hamburg said. The cause of death was not detailed. “When we were born, the doctors didn’t think we’d make 30, but we proved them wrong,” Lori said in an interview when they turned 50, the Philadelphia Inquirer reported. The
RAMPAGE: A Palestinian man was left dead after dozens of Israeli settlers searching for a missing 14-year-old boy stormed a village in the Israeli-occupied West Bank US President Joe Biden on Friday said he expected Iran to attack Israel “sooner, rather than later” and warned Tehran not to proceed. Asked by reporters about his message to Iran, Biden simply said: “Don’t,” underscoring Washington’s commitment to defend Israel. “We are devoted to the defense of Israel. We will support Israel. We will help defend Israel and Iran will not succeed,” he said. Biden said he would not divulge secure information, but said his expectation was that an attack could come “sooner, rather than later.” Israel braced on Friday for an attack by Iran or its proxies as warnings grew of
A prominent Christian leader has allegedly been stabbed at the altar during a Mass yesterday in southwest Sydney. Bishop Mar Mari Emmanuel was saying Mass at Christ The Good Shepherd Church in Wakeley just after 7pm when a man approached him at the altar and allegedly stabbed toward his head multiple times. A live stream of the Mass shows the congregation swarm forward toward Emmanuel before it was cut off. The church leader gained prominence during the COVID-19 pandemic, amassing a large online following, Officers attached to Fairfield City police area command attended a location on Welcome Street, Wakeley following reports a number