Silver Miller. a cryptocurrency-focused law firm based in the U.S., says it has filed arbitration claims against AT&T and T-Mobile on behalf of victims of "SIM swapping" cellphone hacks.
Initiating the court actions on behalf of clients that have lost funds to criminals that used the increasingly common method of infiltrating mobile devices to access cryptocurrency wallets and two-factor authentication codes, the firm alleges:
In a press release published Friday, Silver Miller said that one client, an AT&T customer, had had over $621,000 of cryptocurrency stolen via a SIM swap attack. The firm further alleges that the breach occurred after AT&T "had assured him it had increased security on his account following an earlier attempted hack."
Other cases have been filed against T-Mobile, with Silver Miller alleging that two clients had been robbed of $400,000 and $250,000, respectively, via SIM swaps "permitted" by the telcom firm.
While the service exists for legitimate reasons, such as SIM card damage or switching providers, SIM swapping can also allow criminals to arrange for a telecoms company to reassign a user's account to another SIM, allowing full access to all calls, messages and notifications.
Silver Miller said that all it takes for a swap to be arranged "a persuasive plea for assistance, a willing telecommunications carrier representative, and an electronic impersonation of the victim."
In a recent report from Krebs on Security, the REACT Task Force in California indicated that SIM swapping is rapidly increasing as a popular tool for hackers.
Samy Tarazi, a sergeant at the Santa Clara County Sheriff's office and a REACT supervisor, was quoted as saying:
SIM card image via Shutterstock