Drudge Retort: The Other Side of the News
Friday, September 22, 2017

In a larger wave of bitcoin scams that have hit everyone from everyday people to hospitals, [Jared] Kenna's experience is only one of a spate of recent hackings of high-profile cryptocurrency industry players such as venture capitalists, entrepreneurs, C-level executives and others who have had their phone numbers hijacked, some of whom have also suffered financial losses, several of whom have been threatened or ransomed, and one of whom was put in physical danger. ... The security loophole these hackers are milking can be used against anyone who uses their phone number for security for services as common as Google, iCloud, a plethora of banks, PayPal, Dropbox, Evernote, Facebook, Twitter, and many others.

Advertisement

Advertisement

More

Alternate links: Google News | Twitter

In all these cases, as with Kenna's, the hackers don't even need specialized computer knowledge. The phone number is the key. And the way to it get control of it is to find a security-lax customer service representative at a telecom carrier. Then the hacker can use the common security measure called two-factor authentication (2FA) via text. Logging in with 2FA via SMS is supposed to add an extra layer of security beyond your password by requiring you to input a code you receive via SMS (or sometimes phone call) on your mobile phone. All fine and dandy if you're in possession of your phone number. But if it's been forwarded or ported to your hacker's device, then that code is sent straight to them, giving them the keys to your email, bank accounts, cryptocurrency, Facebook and Twitter accounts, and more.

Comments

Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.

Once again the weakest link in the chain is the low level human most likely earning $2 per week in a call center halfway around the world.

The more and more it seems that these security protocols are solely designed to make consumers FEEL like they have security rather than these billion dollar companies actually cut into profits to put real security in place.

Web bank is convenient for the consumer, but more convenient for the bank which doesn't have to pay salaries and benefits to a computer server. More of these stories get out and people actually start going back to the old ways of deposits and paper checks and the profits of the bank will get cut into.

#1 | Posted by 726 at 2017-09-22 12:05 PM | Reply | Newsworthy 1

Unless this guy is on a Google Chromebook or he was dumb enough to give an online service access to the drive once it was mounted to his terminal, I still don't get how they went from password-recovering one of his online accounts to hacking a harddrive he had in physical possession.

726 you are absolutely right.

#2 | Posted by IndianaJones at 2017-09-22 12:28 PM | Reply

Comments are closed for this entry.

Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy | Copyright 2017 World Readable

Drudge Retort