Security News

Weak security measures in place at several major wireless carriers in the United States make it easy for attackers to perform SIM swap attacks on prepaid mobile accounts, a recent study found. In a SIM swapping attack, social engineering is used to convince a wireless services provider to hand over control of the victim's phone number by modifying the SIM card attached to the phone and mobile account.

Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan looked at how AT&T, T-Mobile US, Tracfone, US Mobile, and Verizon Wireless handle requests to change the SIM card associated with mobile phone numbers.

Now, a cadre of lawmakers is demanding to know what the agency might be doing to track and combat SIM swapping. The lawmakers asked the FCC to divulge whether it tracks consumer complaints about fraudulent SIM swapping and number "Port-outs," which involve moving the victim's phone number to another carrier.

Two Massachusetts men were arrested and charged this week for employing SIM swapping in attacks aimed at stealing cryptocurrency from their victims’ accounts. The two, Eric Meiggs, 21, of...

Two Men Targeted 10 Executives Who Had Cryptocurrency ConnectionsA pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target...

It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country's first-ever conviction for 'SIM Swapping' this February,...

Two Men Targeted 10 Executives Who Had Cyptocurrency ConnectionsA pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target...

Account takeovers allegedly used to plunder digital wallets Two men from Massachusetts have been arrested and charged with 11 criminal counts stemming from a string of account takeovers and...

uCloudlink, an innovative global mobile data service provider has successfully implemented the world’s first SIM-free and roaming-free inter-carrier 5G network access. GlocalMe Inside, the...

Her accounts were drained in spite of using 2FA, showing that SIM swaps can still circumvent what's a good security tool.