Cryptocurrency is being stolen with phone numbers

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • GFED
    Confirmed User
    • May 2002
    • 8121

    #1

    Cryptocurrency is being stolen with phone numbers

    https://www.flow.page/savethechildren
  • Bladewire
    StraightBro
    • Aug 2003
    • 56220

    #2
    Great info thx


    Skype: CallTomNow

    Comment

    • lezinterracial
      Confirmed User
      • Jul 2012
      • 3116

      #3
      I remember hearing a story about this a while back. But this needs to be repeated.

      Guy was talking about bitcoin on twitter. Bad guy got his phone number and was able to switch his phone to that number. Did a password recovery and the bad guy got the guy's bitcoin and ether. The guy that got ripped was watching his account get drained and trying to call support. Which was closed.
      Live Sex Shows

      Comment

      • just a punk
        So fuckin' bored
        • Jun 2003
        • 32385

        #4
        It was working a year ago or so, actually...
        Obey the Cowgod

        Comment

        • Barry-xlovecam
          It's 42
          • Jun 2010
          • 18083

          #5
          Old news but worth repeating -- this still works?

          Encrypted SHA3 dual verification (credentials) has been known (with the encryption algorithms of the era) for over 15 years now. password and 'key phrase' is one common way it is done.
          https://www.theregister.co.uk/2016/1...s_say_boffins/

          Comment

          • rowan
            Too lazy to set a custom title
            • Mar 2002
            • 17393

            #6
            Originally posted by lezinterracial
            I remember hearing a story about this a while back. But this needs to be repeated.

            Guy was talking about bitcoin on twitter. Bad guy got his phone number and was able to switch his phone to that number. Did a password recovery and the bad guy got the guy's bitcoin and ether. The guy that got ripped was watching his account get drained and trying to call support. Which was closed.
            If I recall correctly the account was also set up to use SMS for two factor authorisation, so by porting the victim's number to a new phone+SIM it was possible to set a new password and log in using 2FA...

            Don't use SMS for 2FA!

            Comment

            • DraX
              Confirmed User
              • Oct 2002
              • 7147

              #7
              Originally posted by rowan
              If I recall correctly the account was also set up to use SMS for two factor authorisation, so by porting the victim's number to a new phone+SIM it was possible to set a new password and log in using 2FA...

              Don't use SMS for 2FA!
              I use google authenticator on one site and on another I have email and then sms. Doesn't make it stronger with the added 1st step email confirmation if someone ports my phone number. Might look into another solution.

              Is google authenticator the best solution to protect a user account ?
              Deposit Today With BTC - Play With Bitcoins

              Comment

              Working...