Blockchain Capital’s co-founder and managing partner, Bart Stephens, has filed a lawsuit against an anonymous hacker who allegedly stole $6.3 million worth of cryptocurrencies from his digital wallets, as reported by CryptoNews.
The incident highlights the growing threat of SIM-swap attacks, where cybercriminals manipulate personal information obtained from the dark web to bypass security protocols with cellular network providers.
The legal complaint, filed on August 16 at the United States District Court for the Northern District of California, accuses the hacker, known as Jane Doe, of orchestrating the attack in May. The hacker gained control over Stephens’ cellular network account and successfully transferred his private cell number to a new device. This enabled the attacker to reset account passwords, ultimately securing control over the victim’s digital assets.
SIM-swap attacks have been on the rise, with the FBI noting a significant increase in losses caused by such attacks. In 2022 alone, hackers stole a staggering $72 million through SIM-swap attacks, surpassing the previous year’s total of $68 million. This technique relies on manipulating customer service representatives of cell phone networks into divulging sensitive personal information, allowing the hackers to port the victim’s phone number to a device under their control.
Blockchain Capital, established by Bart Stephens and his brother Brad Stephens in 2013, has been a prominent player in the cryptocurrency realm. The San Francisco-based fund has provided support to various notable crypto startups, including Coinbase, Kraken, and Opensea.
According to the lawsuit, the hacker exploited the compromised cell phone number to override password protection and two-factor authentication processes on unspecified digital wallets.
This granted the attacker access to the victim’s digital holdings, which they systematically looted. Astonishingly, the hacker even had the audacity to boast about their ability to remotely manipulate U.S. phone numbers to Stephens just a day before the theft occurred.
The lawsuit also revealed that the hacker attempted to steal an additional $14 million in bitcoin and ethereum, held in a custodial cold wallet owned by Stephens. Thankfully, an attentive employee of Blockchain Capital detected the suspicious activity and thwarted the unauthorized withdrawal. This incident marked the first time Stephens became aware of the attack on his cryptocurrency accounts.
As SIM-swap attacks continue to plague the cryptocurrency industry, it is vital for individuals and organizations to remain vigilant and take proactive measures to protect their digital assets. The constant evolution of cybercriminal tactics reminds us of the importance of staying informed and employing robust security practices.