BlockFi cryptocurrency platform informsthat last week suffered from an attack by an unknown attacker. The hacker tried to steal funds from the company's customers, but, fortunately, did not succeed.
To compromise BlockFi, an attacker took advantage of a SIM swap attack. Let me remind you that the essence of such attacks is that the criminal addresses the representatives of the victim’s mobile operator and uses social engineering. For example, posing as the real owner of the number, the fraudster claims to have lost or broken his SIM card and is trying to transfer the number to a new SIM card. Then the attacker steals accounts tied to the phone number, effectively stealing other people's identities. Such attacks are often used to steal large amounts of cryptocurrency, from bank accounts (after all, intercepting 2FA codes becomes quite simple) or hijacking expensive Instagram accounts.
In this case, the criminal stole a SIM card from an unnamed BlockFi employee, established control over his phone number, reset his email password and gained access to the mailbox, and also got to accounts on the BlockFi platform.
BlockFi representatives report that the attacker had access to the platform for approximately 86 minutes. During this time, the hacker tried, but failed to steal client funds.
“Every action that an unauthorized third party has taken in relation to our systems is recorded, and BlockFi can confirm that as a result of this incident, passwords, social security numbers, tax IDs, passport and ID data, bank account information, and also non-public identification data, ”reads the company's report.
At the same time, the attacker nevertheless gained the appropriate access and was able to view the information about BlockFi clients, usually used by the company for marketing purposes. The company believes that this leak does not pose any significant risks to users. So, as a result of the incident, they were compromised:
- the name specified in the account;
- E-mail address;
- Date of Birth;
- physical address of residence;
- Operations history.
BlockFi recommends that its users turn on multi-factor authentication for accounts, as well as activate the white list of wallets, which will not allow hackers to transfer funds to accounts not included in this list.
The company also claims to have updated internal systems and limited employee access to marketing information about users; a security audit and penetration testing were planned; Updated incident response protocols to speed up blocking in case of intrusions.