Bitcoin security has been hurtled into the headlines once more this week, as a young man in America faces 21 counts of felony after he went on a hacking spree.
Nicolas Truglia successfully hacked into six different smartphones and managed to steal $1 million worth of Bitcoin off one victim.
The crime is known as ‘SIM swapping' and it's on the rise. So, with more and more people now investing in cryptocurrency, how can you make sure you're safe?
In today's post, we discuss how the thief was able to steal bitcoin, what a bitcoin hack may look like, and what you can do to protect your cryptocurrency wallet.
On the 26th of October, Robert Ross noticed his phone had lost signal for an unusual length of time. Confused by this, Ross visited his nearby Apple store and later contacted his network operator, the American brand AT&T.
However, sadly Robert Ross was not quick enough to foil a bitcoin attack.
Nicholas Truglia lifted $1 million worth of Bitcoin from Ross' phone. Ross was storing $500,000 in two separate accounts at Coinbase and Gemini, and Truglia managed to get to them both.
Ross isn't the only person to have been hacked, unfortunately. Truglia himself had various other targets too. In the summer, a Californian man sued AT&T after hackers stole $24 million worth of cryptocurrency he had stored on an online exchange.
How Did the Hack Happen?
Truglia was targeting Silicon Valley executives – people he believed would have cryptocurrency stored on their smartphone.
Erin West, the deputy district attorney of Santa Clara County, called this a ‘whole new wave of crime', however the schemes which allowed Truglia to access Ross' smartphones aren't actually that new at all.
SIM Swapping Schemes
Phone hacking isn't a new crime, yet it now puts people at a much greater risk due to all of the apps we use – currency exchanges, pay by phone casinos, mobile banking and more.
Criminals are able to access phones by exploiting a tactic known as ‘SIM Swapping'.
Essentially, they dupe phone operators into getting phone numbers reassigned.
How Does SIM Swapping Work?
Should you want to replace a SIM card or have your mobile number transferred to a new SIM, you can call up your network operator and answer a few security questions. The whole process takes a matter of hours and is relatively simple.
However, hackers are buying the answers to these security questions on the dark web. They then relay this information to the phone operator employees, convincing them that they're speaking to the owner of the phone number.
Once the SIM swap is complete, the hacker simply opens up the apps from their own device. Although many of these apps use two-factor verification, which asks for a separate security PIN code, the hacker now controls the original phone number. This means that he will receive the security code, and can, therefore, access the apps without raising suspicion.
Can Bitcoin Be Traced?
Bitcoin, and other cryptocurrencies, are sadly untraceable.
Whilst the beauty of the blockchain means that all transactions are recorded on a public ledger, one of the biggest appeals of cryptocurrency is that users remain anonymous.
This means that whilst a hacking transaction may be able to be found, there's no way of identifying who made the transaction and so, finding out who the hackers are is difficult.
How Can You Protect Your Cryptocurrency?
So, if phone hacking is this easy, how can you make sure you're not at risk?
In order to stop SIM swapping schemes, cybersecurity and phone network experts say that all phone users should treat their phone number in the same way as they do with a password.
Obviously, we all give away our phone numbers all of the time – whether that's when signing up to a new service or because we've made a new friend at the bar.
However, it's now more important than ever before that we are vigilant with who receives our contact details. Always make sure that you truly trust who you give your phone number to and, if you're entering your phone number into something online, make sure you're doing so via an encrypted server.
You can check if your server is safe by looking out for the padlock symbol in the URL bar of the page you're visiting.
Make Sure Your Passwords Are Unique
Very few of us will not be guilty of using similar passwords for everything in life. Using the same password for everything makes life easier, and ensures that you don't forget login details.
However, this does leave you vulnerable to hacking crimes.
If you're creating a password for something very sensitive, like your phone, make sure it's completely unique. You should also change it regularly, and make sure it isn't based around a personal detail which scammers could guess or find out.
Invest in a Hardware Wallet
When you invest in cryptocurrency, there are essentially three ways to store your new money:
- In a currency exchange
- In a digital wallet
- In a hardware wallet
In terms of security, the hardware wallet comes first and the currency exchange comes last.
Both currency exchanges and digital wallets are online, and therefore very vulnerable to hacks. Instead, cryptocurrency investors should always store their money in a hardware wallet.
This is a wallet which isn't connected to the internet, a bit like an external hard drive. These wallets are also known as ‘cold storage' and they allow you to store your bitcoin away from the grips of the internet.