CoinDesk Explains SIM Jacking or "SIM Hacks"

Published by CoinDesk

In today's tightly connected world it always sucks to lose your phone, but when you add "Your money" to that sentence it's even more painful.

TWO HOURS LATER.

John: Hello, this is another rep from your phone company.

Adam: Hi, I'm John Biggs and need you to activate my new phone.

The real trick is that if you don't succeed with the first rep, you can call back basically an unlimited number of times until your phone company support slips up, forgets security protocol and agrees to make the change.

Nobody is actually hacking or attacking your phone itself, they're taking advantage of the fact that T-Mobile support wants to help you, or at least not get yelled at by you too much.

John: Yeah, my carrier bought it alright, and helped them out by activating their new phone with my current number.

Adam: Ok, so now they have your cell phone, they get your phone calls, they get your text messages and you don't.

Adam: So when your phone became their phone, now they were the ones who could reset your password.

All of the two-factor notifications went, by default, to my phone number, which was now their phone number, so I received none of the notifications and in about two minutes I was locked out of my digital life.

He used one of these socially engineered SIM swaps with Terpin's phone to steal $24 million in crypto, which led to Terpin opening a $200 million lawsuit against his cell phone provider, AT&T.

John: How much did this guy have? According to court documents, he had a number of Trezors.
