Security News

Five major U.S. prepaid wireless carriers - AT&T, T-Mobile, Verizon, Tracfone and US Mobile - are using poor account authentication procedures and techniques that leave their customers open to SIM swapping attacks, according to researchers at Princeton University. Their report, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," also examined 145 websites, including social media platforms, email providers and cryptocurrency exchanges, which use phone-based authentication to identify a user's identify.

Weak security measures in place at several major wireless carriers in the United States make it easy for attackers to perform SIM swap attacks on prepaid mobile accounts, a recent study found. In a SIM swapping attack, social engineering is used to convince a wireless services provider to hand over control of the victim's phone number by modifying the SIM card attached to the phone and mobile account.

Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan looked at how AT&T, T-Mobile US, Tracfone, US Mobile, and Verizon Wireless handle requests to change the SIM card associated with mobile phone numbers.

Now, a cadre of lawmakers is demanding to know what the agency might be doing to track and combat SIM swapping. The lawmakers asked the FCC to divulge whether it tracks consumer complaints about fraudulent SIM swapping and number "Port-outs," which involve moving the victim's phone number to another carrier.

Two Massachusetts men were arrested and charged this week for employing SIM swapping in attacks aimed at stealing cryptocurrency from their victims’ accounts. The two, Eric Meiggs, 21, of...

Two Men Targeted 10 Executives Who Had Cryptocurrency ConnectionsA pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target...

It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country's first-ever conviction for 'SIM Swapping' this February,...

Two Men Targeted 10 Executives Who Had Cyptocurrency ConnectionsA pair of Massachusetts men allegedly ran a years-long scheme that used SIM swapping and other hacking techniques to target...

Account takeovers allegedly used to plunder digital wallets Two men from Massachusetts have been arrested and charged with 11 criminal counts stemming from a string of account takeovers and...

uCloudlink, an innovative global mobile data service provider has successfully implemented the world’s first SIM-free and roaming-free inter-carrier 5G network access. GlocalMe Inside, the...