Fun

AT&T Responds to Crypto Exec’s SIM Swap Suit: See You in Court

News Feed - 2019-10-29 04:10:29

AT&T said it would fight allegations that it was negligent in a customer’s loss of $1.7 million in a SIM swap.


The allegations come from Seth Shapiro, VideoCoin’s head of strategy, who blames the phone giant for failing to secure his phone during a May 2018 hack.


Speaking exclusively to CoinDesk, AT&T spokesman Jim Greer said: “It is unfortunate that Mr. Shapiro experienced this, but we dispute his allegations. We look forward to presenting our case in court.”


After a series of brazen SIM swaps, Shapiro said he lost $1.7 million in cryptocurrency. Hackers allegedly seized control of his cellphone, reset his email and breached his exchange accounts to steal $1 million from him, with the balance belonging to other people for upcoming investments.


Greer said AT&T was cautioning all its customers to bolster their security measures, and that mobile phone authentication is not enough: “Recent high profile cases reinforce the importance of businesses and consumers taking steps to protect against SIM swap fraud, such as not using mobile phone numbers as the single source of security and authentication.”


To access Shapiro’s SIM card, the hackers allegedly paid off AT&T employees – now since fired and being prosecuted in criminal court – to gain control.


According to Shapiro, the initial phone hack occurred during the May 2018 Consensus conference. On the same date, Shapiro’s VideoCoin announced the close of a $50 million private coin offering, for which his related Alphabit Fund subscribed. Two colleagues of his in several ventures – entrepreneurs Chris Kitze and Enzo Villani – were also SIM hacked at the same time, but they did not lose any funds.


In April 2019, Joel Ortiz, the alleged 21-year-old mastermind of the Shapiro hack, was sentenced to 10 years in federal prison, after pleading no contest to charges that he orchestrated 13 SIM swaps. An accomplice, a 19-year-old minor, was charged in seven cases. Ortiz was alleged to have made off with $5.2 million, but only $400,000 was recovered.


Another high-profile SIM hack case was brought against AT&T last year, when Michael Terpin, a crypto exec with a public relations firm, investment company and conference series, and a partner of Shapiro’s in several of those ventures, said he lost $23.8 million when his phone was hacked.


Terpin sued the telephone company to reclaim his losses, in addition to $200 million in punitive damages and that the breach was a violation of the Federal Communication Act. The perpetrators were alleged to be a New York City-based, 21-year-old thief named Nicholas Truglia, along with his 16-year-old computer hacking accomplice.


According to an affidavit filed by a Truglia friend caught up peripherally in his bust, the thief’s M.O. was to have himself fraudulently added as an admin to a target’s phone account, then proceed to a local AT&T store where he used his own ID to verify his identity and instruct an AT&T employee to make the changes to provide him access to the SIM. The least secure security measure


The loss highlights an obvious question for security experts, who wondered why an experienced crypto executive would keep such high sums in an online exchange rather than “cold storage” – i.e. offline storage, where it would be completely shielded from remote hacks.


Relying on a cellphone to secure any part of one’s online security apparatus is a huge potential vulnerability, Haseeb Awan, CEO of the California-based SIM card security provider DontPort, told CoinDesk.


“People should avoid SMS [verification] whenever possible,” Awan said. “Two-factor authentication is probably the worst form of authentication,” because of the ease with which hackers compromise it.


Even without the AT&T moles alleged by Shapiro, Awan, himself the target of multiple SIM swaps, said hackers social engineer, trick and buy their way into victims’ mobile accounts every day, making the value of cellphone verification almost negligible.


Many people think they will never get hacked simply because they have never been before, Awan said: “It’s kind of like saying you will never die because you haven’t yet.”


That hubris makes them even more vulnerable.


SIM swapping is a relatively well-known threat among high-profile crypto holders, who are often targeted because of their publicity and the heightened likelihood that they may hold valuable assets.


Shapiro, the current head of strategy for VideoCoin and founder of various crypto media projects, even told investigators that he immediately suspected SIM-swapping when his phone suddenly stopped working.


Awan said he was surprised Shapiro could have lost so much money so easily: “He’s not some newbie. He’s been in crypto for a while.”


AT&T’s Greer said that offline storage is the only real solution: “For cryptocurrency, security experts recommend further safeguards, such as keeping cryptocurrency in ‘cold storage,’ an offline environment that can’t be accessed via the internet, and following instructions regarding storage of wallet and exchange access credentials.”


CoinDesk contacted Shapiro, his legal counsel, Kitze, Villani and Terpin, none of whom responded to requests for comment.


It was unknown from the legal filings, which, if any, security products the executives had on their hacked phones.


SIM card image via Shutterstock

News Feed

Report: Billionaire Says Britain May Be Forced to Seek Bailout From IMF if It Does Not Renegotiate Brexit Deal
Report: Billionaire Says Britain May Be Forced to Seek Bailout From IMF if It Does Not Renegotiate Brexit Deal British billionaire investor Guy Hands has reckoned that Britain will
Grammy Nominated Hip-Hop Star Logic Dropped $6 Million Into Bitcoin Last Month
Grammy Nominated Hip-Hop Star Logic Dropped $6 Million Into Bitcoin Last Month During the last few months, a slew of celebrity luminaries, millionaires, and even
Ethereum Price Could Still Reclaim $4,000 Based On This Bullish Divergence
Este artículo también está disponible en español. The Ethereum price appeared to be finally gearing for a strong bullish breakout after multiple weeks of disappointing an
Lava launches as decentralized lending market to optimize liquidity across blockchains
Zoltan Vardai10 hours agoLava launches as decentralized lending market to optimize liquidity across blockchainsMitigating impermanent loss could help democratize market-making in DeFi, according to Recharge Capital’s J
FTX Launches Gaming Unit to Offer Crypto Services to Other Companies
FTX Launches Gaming Unit to Offer Crypto Services to Other Companies FTX, a leading cryptocurrency exchange, has announced it will enter the gaming field. The company revealed it i
Unnamed South African Investor Proposes Buying 51% Stake in Collapsed Crypto Firm for $5 Million
Unnamed South African Investor Proposes Buying 51% Stake in Collapsed Crypto Firm for $5 Million An unknown investor has proposed to acquire a 51% stake in Africrypt — the c
Analysts expect Bitcoin price recovery after Fed leaves rates unchanged
Nancy Lubale5 hours agoAnalysts expect Bitcoin price recovery after Fed leaves rates unchangedBitcoin price shows signs of a recovery, but analysts are uncertain whether the strongest part of the correction has passed.33
Warner Bros. and Nifty’s to Launch Looney Tunes Story Bolstered by NFTs
Warner Bros. and Nifty’s to Launch Looney Tunes Story Bolstered by NFTs On Thursday, Warner Bros. announced it was collaborating with the non-fungible token (NFT) focused social
BitMEX Says Quality Check ‘Failure’ Led to Email Privacy Breach
BitMEX says its internal processes “failed” last week, subsequently exposing thousands of the exchange’s clients to privacy risks. In a company blog posting on Mon
Bitcoin Miners Catch a Break as Mining Difficulty Drops for the First Time in 3 Months
Bitcoin Miners Catch a Break as Mining Difficulty Drops for the First Time in 3 Months Bitcoin miners got a small break on March 3, after the network’s mining difficulty shi
David Attlee34 minutes agoJapanese regulator seeks to scrap “unrealized gains” tax on cryptoThe Japanese Financial Services Agency has proposed changing the tax code around digital assets to free domestic firms from
South Korea's strict laws on crypto exchanges come into force
Ciaran Lyons52 minutes agoSouth Korea"s strict laws on crypto exchanges come into forceThe new regulations issued by South Korea’s watchdog to protect user assets on crypto exchanges went into effect on July 19.312 Tot