Replying to Avatar Hacker News

SIM swappers hijacking phone numbers in eSIM attacks

Comments ( https://news.ycombinator.com/item?id=39719597 )

https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/

Avatar
Ava 1y ago

Privacytechpro tip: Protecting your credentials with good OPSEC practices significantly reduces your chances of becoming the victim of a SIM swapper attack.

#cybersecgirl

----

SIM swappers hijacking phone numbers in eSIM attacks

----

"Now, attackers breach a user's mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim's number to another device on their own.

They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.

Simultaneously, the legitimate owner has their eSIM/SIM deactivated."

nostr:nevent1qqsvje3t0qd9m2enwx8pnx60gq3uw7kj08rjz2z68gx9xu6qwdk6ancpr3mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmqzyzqhzjxrdyq42sqmf9zcppclkpty5ha2lw29fqf7722lyurteye4jqcyqqqqqqg4kwaxt

Reply to this note

Please Login to reply.

Discussion

Avatar
OzzyHB 1y ago

Thanks for the interesting notes!!

OpSec is something that is going to he more and more important as we move forward!

I feel a user chosen federation model might work for a lot of ppl... Eg to port an ID, (for anything) a set n of n key would be needed..

I'd imagine family, friend, community models could work for different things..