Hackers Steal $100,000+ Worth of BTC From Engineering Manager at Crypto Custodian BitGo

Published at: May 22, 2019

Sean Coonce, engineering manager at cryptocurrency custodian BitGo, announced in a Medium post published on May 20 that he had fallen victim to a SIM swapping hack.

According to the post, Coonce had over $100,000 siphoned out of his account on cryptocurrency exchange Coinbase in under 24 hours.

In his post, Coonce details SIM swapping, a practice in which an attacker maliciously requests that a telecommunications carrier redirect the traffic of a mobile phone number to a device under the attacker's control. This device is then used to obtain two-factor authentication (2FA) codes, which grant control over the victim’s online accounts.

After describing in detail how the attack had been carried out, Coonce gave his recommendations for preventing such attacks, including using a hardware wallet to secure personal cryptocurrency holdings and using a YubiKey for 2FA. In cases in which a YubiKey is not supported, he recommends using Google Voice 2FA, since he claims those numbers are not vulnerable to SIM swapping.

Lastly, Coonce also suggests using a password manager and reducing one's online footprint by publicly sharing less personal information. He stated that he “can’t stop thinking about the small, easy things I could have done to protect myself along the way,” and added:

“Given my naive security practices, I probably deserved to get hacked.”

As Cointelegraph reported earlier this month, United States blockchain and crypto investor Michael Terpin has won $75.8 million in a civil case against 21-year-old Nicholas Truglia, who reportedly defrauded him of crypto assets through SIM swapping.

Also in May, the U.S. Department of Justice released a fifteen-count indictment charging a hacking group labeled “The Community” with SIM swapping in order to steal cryptocurrencies.
