Co-founder and managing companion at Blockchain Capital, Bart Stephens, has taken authorized motion in opposition to an unidentified hacker who allegedly stole $6.3 million value of cryptocurrencies from his digital wallets, Forbes reported.
Stephens claims Jane Doe exploited a SIM-swap vulnerability, manipulating private info sourced from the darkish internet to bypass safety protocols with the mobile community supplier.
This breach enabled the hacker to reset account passwords and finally acquire management over the sufferer’s digital property.
The lawsuit filed in the USA District Courtroom for the Northern District of California on August 16, alleges that the hacker orchestrated the assault in Could by commandeering Stephens’ mobile community account and subsequently transferring his personal cell quantity to a brand new machine.
Earlier this month, the fund’s Twitter account was compromised in an unrelated safety breach, used to advertise a cryptocurrency token.
Hackers Stole $72 Million Through SIM-Swaps in 2022
SIM-swap assaults have been more and more employed by cybercriminals, a development underscored by the FBI.
As per the FBI, SIM-swap assaults resulted in an estimated $72 million in losses in 2022, up from $68 million in 2021.
SIM-swap assaults depend on manipulating customer support representatives of mobile phone networks into divulging delicate private info.
Armed with this information, hackers can manipulate safety protocols to port a sufferer’s cellphone quantity onto a brand new machine underneath their management.
Stephens, who co-founded Blockchain Capital in 2013 alongside his brother Brad Stephens, has been a distinguished determine within the cryptocurrency realm.
The San Francisco-based fund has supplied backing to a number of notable crypto startups, together with Coinbase, Kraken, and Opensea.
Hacker Gained Management of A number of Digital Wallets
The lawsuit alleges that the hacker exploited the compromised mobile phone quantity to override password safety and two-factor authentication processes on varied unspecified digital wallets.
Subsequently, the attacker launched into a scientific looting of the plaintiff’s digital holdings.
Stephens claims that the hacker even communicated with him a day earlier than absconding with the $6.3 million, boasting about their potential to remotely manipulate U.S. cellphone numbers.
Along with the stolen funds, the hacker sought to get away with an extra $14 million in bitcoin and ethereum held in a custodial chilly pockets owned by Stephens.
Fortuitously, a vigilant worker of Blockchain Capital detected the suspicious exercise and thwarted the unauthorised withdrawal. The incident marked the primary time Stephens realized concerning the assault on his account.