Report: Hackers Steal Millions in Bitcoin by Merely Using Phone Numbers

Journalist:
Rebecca Campbell
December 21, 2016

Hackers are changing their game plan. By using a person’s phone number they can now gain access and steal money from someone’s bank account to bitcoin.

In a report from Forbes, which highlights the story of Colombian Jered Kenna, hackers were able to move his mobile phone number, after faking his identity, transferring it from T-Mobile to a carrier known as Bandwidth, which was linked to the hacker’s Google voice account.

The hackers then subsequently proceeded to reset Kenna’s email passwords before locking him out of 30 other accounts, which included two banks, PayPal, two bitcoin services, and his Windows account.

However, while the hacks into his bank accounts were reversible, the theft of his stolen bitcoin was not. According to the report, Kenna lost ‘millions of dollars’ worth’ of bitcoin.

He states:

I was one of the first people to actually do anything in bitcoin and I no longer have any bitcoin to speak of. I’ve got, like, 60 coins or something, which is nothing compared to – it’s a fraction.

Unfortunately, as Forbes notes, this is not a unique case. Nowadays, hackers are attempting to target anything ranging from people to hospitals so that they can get their hands on bitcoin.

Using Phones for Hacking

Phones, we use them everyday, but now hackers are turning them against us.

According to the Federal Trade Commission (FTC), thieves are using mobile phones more often to target unsuspecting people.

In January 2013, the number of incidents reported to the FTC for that month amounted to 1,038 incidents, representing 3.2 percent of all identity theft incidents. Fast-forward to January 2016 and that number had increased to 2,658 incidents, representing 6.3 percent of identity thefts reported to the FTC.

Of course, as Forbes reports, while it’s difficult to put an actual figure on the number of hacks targeting digital currencies, San Francisco-based Coinbase believes that number will double from November to December among its customers.

Who Has Been Targeted?

Individuals who hold a large portion of bitcoin are those that are often targeted by hackers. As it’s impossible to trace or reverse bitcoin transactions, hackers are savvy enough to know this.

So who exactly have they targeted in the past?

Adam Draper, who runs an accelerator Bitcoin startup called Boost VC, saw hackers steal $50k from him two years ago. As he didn’t know who did it, he couldn’t do anything about it. Bo Shen, a notable blockchain industry investor lost $300,000 worth of his Augur REP tokens after hackers stole them. While miner Joby Weeks saw hackers steal $100,000 worth of his bitcoin in addition to removing his other digital currencies such as Ether, Ripple, and Monero.

No Specialized Knowledge

Surprisingly, the hackers in these instances didn’t require any specific knowledge. All they needed was a person’s phone number and a customer service representative at a phone carrier who was not security minded.

Once in possession of a two-factor authentication code (2FA), which is typically supposed to add an extra security layer beyond a person’s password, the hacker can easily gain access to an individual’s bank account, email, social media accounts, and digital currency accounts.

Featured image from Shutterstock.

Rebecca Campbell