- SIM swappers in the US are now compromising carrier systems directly via RDP tools.
- The scammers are tricking employees through social engineering instead of bribing them.
- The Congress is calling the FCC to take action against this escalating national-security problem.
The Motherboard is reporting that hackers are now overriding telecom employees that they used to bribe for SIM-swapping purposes, and are using remote desktop software to directly do the job themselves. The subscribers who are losing access to their phone numbers are from T-Mobile, AT&T, and Sprint, so we’re talking about a large-scale and escalating problem here. In some cases, the breach happens through social engineering and convincing telecom employees to run malicious software on the company’s network. Other times, the breach occurs through highly sophisticated direct hacker attacks.
SIM swapping is a form of attack where a hacker disables the SIM card of the victim and ports the number onto their own SIM card. The purpose of this is to break through the wall of two-factor authentication systems that people use to protect cryptocurrency wallets or other valuable online accounts. Recently, telecom providers have tried to introduce some protection systems against this type of attack, so the only way for hackers to continue would be to compromise the providers’ systems directly and carry out the number porting process on their own.
According to actors that Motherboard claims to have interviewed, SIM swappers are using Remote Desktop Protocol (RDP) software like Splashtop. The employee who works on the telecom firm is enabling the RDP through social engineering after the scammers call them and claim to be a customer support representative. From there, everything is easy using “QuickView” for T-Mobile and “Opus” for AT&T. Obviously, this works thanks to the lack of training and knowledge of the employees, and the fact that credulous people have access to the SIM swapping tools of the telecom service providers. The firms responded by saying that they are aware of the new technique, and they are already working towards the mitigation of the risk.
At the same time, the Congress sees SIM swapping indictments piling up and urges the FCC (Federal Communications Commission) and carriers to finally do something about the problem. In a letter sent to the FCC’s chairman, SIM swapping is classified as a national security issue, and no adequate security measures are in place to tackle it. The FCC is pressed to impose the adoption of measures that are implemented in other places in the world, like the confirmation emails containing one-time passwords. Moreover, stricter penalties to carriers who fail to protect their consumers from this type of attack are also suggested.