Sim swap attack

Blockchain Capital Bart Stephens SIM SWAP Hack - Could Had Been Prevented?

Bart Stephens, cofounder and managing partner of crypto fund Blockchain Capital was the victim of a SIM SWAP hack.

And, the consequences for him are as follows:

  • 6.4 million US dollars worth of Bitcoin, Ether, and other cryptocurrencies were taken from his wallet(s)
  • He has become news, about how a partner from a well-known crypto fund has been hacked.

None of those are good for him.


What Did It Happen?

Mr. Stephens states that a hacker used personal information publicly available online and also personal information available in the dark web, to successfully perform a SIM SWAP hack on him.

After the hacker was able to port Mr.Stephen's cell number from his SIM card to a SIM card that the hacker-controlled, the hacker was able to use this access to reset financial account passwords and also pass two-factor authentication (2FA) tests.

With access to Mr. Stephen's crypto assets, the hacker was able to move them to a crypto wallet(s) under the hacker's control.

Fortunately, not all his assets were lost, because a substantial amount of Ethereum was stored in a custodial cold wallet and when the hacker tried to access the assets this triggered a notification that alerted Mr.Stephens.


Could the SIM SWAP Have Been Prevented?

Most probably yes. But not 100% certainly.

Mr.Stephens is a public figure and it is known that he owns considerable amounts of cryptocurrencies.

As a known crypto owner, that makes him a desirable target for organized criminals.

And as a public figure, a lot of his personal information can be found on the net.

Hackers and scammers will target those people who they know they have significant amounts of crypto assets. Time is money, even for hackers and scammers, so they look for profitable targets.

Knowing this, Mr.Stephens could have contacted his cell phone provider and instructed them to be alert and to shield his accounts against SIM SWAPS.

Such as adding a PIN or password to his user account, which is requested every time an account change is solicitet.

SIM SWAP social engineering

How to Minimize the Consequences of a SIM SWAP

If the hackers have enough knowledge and resources, they can still push forward a SIM SWAP.

You may take measures, but always there is a weak link somewhere and if you are a profitable target the hackers will pour enough resources to exploit that weak link.

So, having mobile phone message notifications as Two-Factor Authentication (2FA) is a very bad approach to digital security.

But, having mobile phone message notifications as Multi-Factor Authentication (MFA) is acceptable.

The consequence of being the victim of a SIM swap could have been prevented by using MFA or a more secure type of 2FA


Mr. Stephens could have used a more secure 2FA method, like a 2FA app or, even better, a 2FA token.

But given the extent of his crypto portfolio, the best approach would have been to use both a secure 2FA app and hardware token as MFA.

This way, even in the case of a SIM SWAP, his crypto assets could have been inaccessible to the hackers, without first having to crack the additional authentication method.


Should You Shield Yourself From SIM SWAP Attacks?

The answer is Yes.

You may not be a crypto millionaire or a public figure but you never know how much of your personal information has been available to people with bad intentions.

Your data could be on the dark web making you an easier target

Dark web data

If any of your data has been leaked and has any relation with crypto, that may ring some bells, and maybe some hacker or scanner decides to give it a try.

Why take risks? Maybe it is time to have a chat with your SIM service provider or make sure that SIM message authentication is not used as 2FA for any of your personal or financial accounts.

Before we conclude this article, please think twice before commenting on Mr. Stephens's situation.

Many people fall victim to hacks and scams, not for negligence or lack of knowledge, but for lack of awareness.

Let's be comprehensive and work towards bringing digital and crypto safety awareness to as many people as possible to prevent hackers and scammers from taking advantage.

At Crypto Safety First we hope that learning from real stories brings awareness that hacks and scams do not happen to other people, or in movies. The more aware we are, the safer we will be.

Congratulations on completing this 5-minute digital safety power-up.

We hope this short article has helped increase your digital safety knowledge and awareness, and the 5 minutes read was worth the time.

5-minutes crypto and digital safety power-ups

If you have additional time, consider digging deeper and learning about Two-Factor Authentication (2FA) types. (Follow the link to find a handy quiz to test your 2FA knowledge).


How do you rate this article?


5-minute digital safety power-ups
5-minute digital safety power-ups

Valuable digital safety knowledge and good practices in short but informative articles. Protect your most valuable crypto and digital assets from hacks, scams, and accidents.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.