SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.

  • edric@lemm.eeEnglish
    21·
    8 months ago

    SMS 2FA needs to die. It’s infuriating that a lot of banks still rely on sms.

  • baritone_edge@lemmy.mlEnglish
    10·
    8 months ago

    I’ve always been under the impression that in order to steal a phone number you have to social engineer it from the company or have physical access to the Sim card in the first place. Is that not the case?

    • Kid@sh.itjust.worksMEnglish
      4·
      8 months ago

      From the text:

      Now, attackers breach a user’s mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim’s number to another device on their own. They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.

      No need for social engineering.