A hacker forum user was found offering SIM blocking and forwarding services of Russian companies, namely, Beeline, Yota, and Megafon.
In a post, the user wrote, “We present to your attention the service of blocking, forwarding Sim Cards Beeline, Yota and Megafon. We do it exactly at the moment when you say it.”
The Cyber Express is yet to get a confirmation from Beeline, Yota, or Megafon on any SIM blocking incident, the threat actor clearly is targeting the Russian telecommunication sector.
Evangelia Soultani, the co-founder of SECUREPORT, shared insights with The Cyber Express about sim frauds and said, “The growing trend of SIM frauds poses significant privacy and monetary threats to individuals and organizations alike. SIM fraud, also known as SIM swapping or SIM hijacking, involves unauthorized individuals gaining control of a victim’s mobile phone number.”
Addressing account takeovers arising from sim frauds, Evangelia added, “One of the primary objectives of SIM fraud is to carry out account takeovers. With control over a victim’s phone number, fraudsters can bypass two-factor authentication (2FA) mechanisms that rely on SMS verification. They can reset passwords, access online accounts, and carry out fraudulent transactions.”
Threat actors target sim blocking and forwarding services
The possible reasons for blocking Russian telecommunication services would be to interrupt communications of every kind, all across the nation.
The impact of sim blocking and forwarding service
Several sim-related frauds are on the rise. SIM or Subscriber Identity Module market was found to be nearly $3,595.4 million in 2021. There are more sim cards than people with a survey stating that the number exceeded the population by 104% in 2021.
Russia sold nearly 96 million sim cards in 2021 which added 13 million more cards as compared to the previous year. With more sim cards being sold and people opting for dual sims or more for work and other purposes, its privacy becomes a matter of concern.
Scammers and hackers have been found using sim card fraud to perform monetary scams, identity theft, bank transactions, medical claims meant for legitimate users, etc.
Identity theft
Hackers may commit identity theft by using duplicate sims with the same number as the legitimate user by tricking the service provider.
They can impersonate that individual and perform fraud based on them. For example, if the legitimate user was a retired employee of a company who has a pension plan, health insurance, and other facilities.
The hacker may offer fraudulent documents from the user and make calls to avail of the facilities that were for the user.
“Identity theft occurs when someone steals your personal information – such as your Social Security Number, bank account number, and credit card number,” read an Investopedia report.
Instances such as sim blocking can allow the hacker to opt for a duplicate sim in the user’s name and perform malicious activities in their name.
Sim swapping a possibility with the sim blocking and forwarding services
Sim swapping does not rely on access to the phone, however, hackers need the number itself to access two-factor authentication codes and then carry on with furthering their reach to the bank account, social media accounts, etc.
Hackers contact the carrier and manage to convince the executive to transfer the number to another sim in possession with them. This lets them access all the incoming messages and communications including OTPs and passwords related messages.
Tampering with the privacy of a sim card opens the door to several other hacks as it stores numerous contacts, names, and in some cases emails, professional data stored in contacts, etc.
The hacker offering sim blocking on the dark web can cause damage not only to the target but also to the contacts mentioned on the sim.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
