Over 20 executives in Israeli digital currency companies were the target of a hackers’ attack in which their identities were stolen. The hackers reportedly took over the phones of their victim. They then proceeded to access their social media and email accounts, and then reached out to the victims’ contacts in attempt to lure them to send digital currencies to the hackers’ wallets.
The attack was carried out by a sophisticated team of hackers that may have been state-sponsored, Israeli newspaper Hareetz reported. The earliest known incident was of an unnamed executive who approached Pandora Security, a local cybersecurity company, on September 7 and revealed that his phone had been hacked. He revealed the hackers had taken over his Telegram account.
“The hackers sent messages to this man’s contacts from his Telegram account in his name and asked them to send cryptocurrency,” Tzahi Ganot, the cofounder of Pandora told the paper.
A day later, Ganot received messages from around 20 other executives, all claiming to have been hacked as well. The victims were all CEOs and vice CEOs of digital currency companies, he told Hareetz. In most cases, the criminals had taken over the Telegram accounts of their victims, with others losing their email accounts as well.
Ganot stated, “In all the cases, the identity theft used the phone to conduct a user verification process with the help of SMS – and in all cases, the victims were clients of [Israeli telecommunications giant] Partner.”
The cybersecurity expert believes that the hackers found a way to hijack the victims’ SMS messages from Partner. They then changed the messages to log into their victims’ accounts and change the credentials. Ganot blamed the telecoms giant for its poor handling of the victims’ cases, with most of them being made to wait for days before they were attended to.
Partner, however, sought to absolve itself of blame, claiming that the incidents were not connected to the firm in any way. This is despite all the victims using its services. “Incidents like these can take place – especially during the coronavirus – to clients of other firms as well,” the company added.
The newspaper didn’t reveal if any of the victims have been able to recover their accounts. However, Ganot claimed that the hackers didn’t receive any digital currencies from their victims.
Israeli security agencies are looking into the incidents, the paper revealed. The National Cyber Security Authority; the Israel Security Agency, better known as Shin Bet and the national intelligence agency, known as Mossad have all launched inquests into the incidents.
Hackers have been targeting digital currency users through their phones for years now. In the U.S., several people have lost millions of dollars through SIM swap attacks, with some of them suing telecom companies such as AT&T for hundreds of millions of dollars.