Prominent Crypto Advocate Faces SIM-Swap Attack, Loses Millions

Overview of the Incident

Bart Stephens, the co-founder and driving force behind Blockchain Capital and a renowned cryptocurrency proponent, has been hit with a staggering loss of $6.3 million in digital assets. This loss was orchestrated through a SIM-swap attack, an increasingly common cybercrime tactic targeting high-profile individuals in the crypto sphere.

The Intricate Heist

In May, a hacker, who remains unidentified and is referred to as Jane Doe, employed a combination of publicly accessible and dark web-acquired personal details to deceive Stephens’ mobile carrier. Having convinced them, the hacker managed to have Stephens’ private mobile number shifted to a SIM card in a new device. The legal action initiated by Stephens at the United States District Court for the Northern District of California details this malicious scheme.

Rising Trend: SIM-Swap Attacks

As the digital currency realm continues to swell, so does the interest of cybercriminals. The Federal Bureau of Investigations highlighted this perilous trend in 2022, noting that such attacks have been on the rise. A significant increase was observed with an estimated theft of $72 million in 2022, compared to $68 million the previous year.

Blockchain Capital: A Beacon in the Crypto World

Founded in 2013 by Bart Stephens and his sibling, Brad Stephens, Blockchain Capital is a cornerstone in the cryptocurrency world. The San Francisco-headquartered fund has played a significant role in uplifting crypto startups, including big names such as Worldcoin, Coinbase, Kraken, and the NFT exchange, Opensea. However, Blockchain Capital has not been immune to cyber threats; their Twitter was recently compromised, as reported by Cointelegraph.

Details of the Digital Heist

Leveraging the power of Stephens’ phone number, the hacker was able to reset account passwords and bypass two-factor authentication barriers on various undisclosed digital wallets. The assailant then began the process of draining Stephens’ digital holdings.

The audacity of the hacker knew no bounds. Just a day before transferring the stolen funds, the perpetrator gloated about their prowess, revealing their capability to hack any phone number within mainland U.S.

A saving grace came when an attempt to move $14 million worth of bitcoin and ethereum from Stephens’ custodial cold wallet was thwarted by an alert Blockchain Capital employee. The lawsuit elucidates that this was the initial red flag raised about the ongoing attack.

Regrettably, it wasn’t until the day following the theft that the mobile network verified the SIM-swap attack’s occurrence. Complicating recovery efforts, a significant portion of the stolen assets was funneled through crypto tumbler exchanges, platforms designed to obfuscate transaction trails.

Mechanics of a SIM-Swap Attack

The foundation of a SIM-swap attack lies in the art of deception. Culprits often persuade mobile network representatives into disclosing sensitive user information. This data, in turn, aids the hacker in transferring the target’s phone number to a SIM under their control.

A case in point is the conviction of Nicholas Truglia from Florida. In a landmark case from December 2022, Truglia received an 18-month prison sentence for orchestrating SIM-swap attacks leading to the theft of more than $20 million, with notable victims like Michael Terpin of Transform Ventures.

In Defense of Cryptocurrencies

Stephens’ commitment to the cryptocurrency cause remains undeterred, despite such setbacks. Historically, he has been a vocal supporter of the technology, challenging detractors such as JP Morgan’s Jamie Dimon. As Stephens once highlighted to CNBC, crypto is not just a passing fad but a transformative technology set to revolutionize numerous sectors.