SIM swappers hijacking phone numbers in eSIM attacks: Protect your cellular service account

Smartphone lying face down, with SIM tray next to it, with a loose SIM card

Previously, SIM swappers relied on social engineering or worked with insiders at mobile carrier services to help them port a target’s number. However, as companies implemented more protections to thwart these takeovers, cybercriminals turned their attention to emerging opportunities in new technologies.

Now, attackers breach a user’s mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim’s number to another device on their own.

They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.

To defend against eSIM-swapping attacks, researchers recommend using complex and unique passwords for the cellular service provider account and enabling two-factor authentication if available.

But it also does show that banks should not be relying solely on SMS or authentication by SIM.

See https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/