The effect of a Bitcoin exchange transaction was to scam the user when a spoofed SMS message from a payment app showed that the payment was made by the attacker.
A Bitcoin (BTC) peer-to-peer exchange on the Hodl platform was awry when a scammer seems to have used a SIM spoofing attack to make the seller believe that he was receiving the money.
The episode was posted by a Reddit user called Gandeloft on June 2. According to the victim, he was willing to cash out his 0.1747 BTC Bitcoin savings, worth $1677 during the press. Through the Hodl Platform, he found a merchant who was willing to offer Bitcoins €1650 or $1848. This seems to have been higher than the current market rate because of the sudden Bitcoin price slip, which saw the gains made less than 24 hours earlier reverse.
The buyer offered to use the Revolut app to settle the business and requested the victim's payment number. The victim received then a realistic SMS from Revolut, which allegedly stated that the transfer was still pending and would be cleared in a few hours as a result of "differing locations."
The message came from the same identifier, which sent two-factor authentication codes and was authenticated at first glance. While the user didn't see the money in the Revolut app, the scammer successfully pressured the victim to release his BTC.
The victim told Cointelegraph that Revolut had confirmed that SMS did not come from them, while the Hodl trading platform refused to provide further information which might help the perpetrator to catch them. According to the victim, the platform responded, "We don't send our users any details. You can contact your bank and get all the details." In this case, however, there were no bank-traceable transactions. Cointelegraph asked Revolut and Hodl for comments but did not receive an immediate answer.
SIM-based attacks become more frequent
Phishing attacks are usually easy to recognize, but they can add credibility through their ability to spot official addresses. SIM spoofing is quite easy to do and very difficult to discover, although the characteristics vary according to country. However, the carriers should comprehend the true origin of the spoofed SMS.
Mobile networks are also vulnerable to a more serious SIM swapping attack. This can be done by triggering customer support to swap telephone numbers with another provider, but various other methods are available.
The BlockFi loan provider recently suffered a data leak where the telephone number of an employee was changed to gain access to internal records.
Over the years, exchange users also have been targeting these attacks, with one high-profile case causing an alleged loss of $24 million through an AT&T network SIM swap.
Bitcoin Rising, Satoshi Discoveries and Google Enters the Race: Bad Crypto News of the Week
US Proposes $5 M Price for Venezuelan Crypto Leader Arrest
50 Million-user KakaoTalk Chat App Crypto Wallet Launches Today
Japanese finance minister may oppose a reduction in the Crypto tax
Global Crypto Awards 2020
Western Union Makes Takeover Offer for MoneyGram
Why Bitcoin Hitting $10,500 Was So Important
Dark Web Merchants are selling thousands of stolen credit card numbers
The 'PlayMining' DEA project allows players to earn points and use them in real life
New Crypto Product Launch: Bitcurate LIVEFEED - Your 1-stop crypto alert
Brave Browser: TRULY FASTER - The browser that rethinks the web
Bitcurate - Cryptocurrency predictive data intelligence platform