Simcard Swap story

I had the most stressful real-time battle of my life and I would like to share it with you so we all learn the lessons together.

Today my email account was hacked (through SIM card swap) . Some account passwords were reset/changed. As far as I know; I haven’t lost anything and I cut the hackers connection (passwords changed, more security activated, simcard blocked) .

I am not sure how much he/she infiltrated, or can he see my WhatsApp communications (if he managed to log in from his/her device) . I don’t know how and why I was picked. (I am neither rich nor I look rich) I’ve been in crypto scene for few years (using multiple exchanges, emails, banks) but not many knows. I never had a lot of money to invest so , I am slowly learning and having fun with it (I know its the future). I am comfortable with Computers/security. I have a normal amount ofdigital footprint as anyone.

For anonymity , I am changing the times (not the relation between them) , and names (bank/exchange/operator/country..). Lets say I live in Germany.

10:35 I received an SMS from Hotmail for verification. At this point I was thinking someone misspelled his/her phone number and this has nothing to do with me.

10:43 received a sign in notification email from Hotmail, stating “someone from USA (probably VPN) signed into my account, and they requested SMS verification”

10:45 password reset email for dropbox (Found in trash bin)

10:46 “Dropbox password is changed” email

10:49 Binance verification code email

10:53 password reset for Revolut bank email

10:58 password reset for Coinbase email (in Italian)

10:58 “Coinbase password is changed” email (in Italian)

10:59 password reset email for Kucoin

Until the time I realized what was going on and started doing something to fight back, a few more minutes passed.

But I started taking the control back;

11:06 Google authenticator for Hotmail is activated (by me) (to bypass SMS verifications)

11:07 Hotmail password changed (by me)

11:07 Mobile phone removed from Hotmail account (to stop the hacker from receiving SMS)

11:09 Binance password changed (by me)

11:11 Revolut password changed (by me)

11:13 Kucoin password reset (by me)

11:14 Coinbase password reset (by me)

The hardest (most time consuming) part was getting my simcard blocked as I can’t make any calls and it is surprisingly hard to reach a human representetive nowadays . With this last step I think I managed to stop him/her from gaining any control again.. I spent few hours changing my passwords (life s a bitch)

Until now I haven’t noticed any more suspicious activity, I haven’t lost anything as far as I noticed.

Coinbase account was ancient , not main , haven’t been used for awhile. Probably pre 2FA (google authenticator). I contacted support and told them I lost control and they should block the account.

Binance was unused and empty , dead account after some KYC rules, I regained the control and changed password

Kucoin had some coins but I regained control and changed the password before its too late.

Revolut account was also saved in time.

All this time I was shaking and chanting “WTF am I gonna do” repeatedly.. The helplessness , cold sweats of losing everything, and having to act while under crazy stress. I was so lucky I saw these almost real time and could act fast.

This really can happen to anyone, please stay safe!

-What you can’t control-

Network provider giving your simcard to someone else

Hackers stealing/data-mining your personal information (for example Ledger incident)

-What you can control-

Having 2FA/google authenticator (any kind of security) as much as possible

Having multiple accounts to lower risk of loosing everything (They only had access to one (of few) email account, therefore only a part of my funds)

Having strong passwords

Not using SMS verification (if you can)

I will go to the network operator on Monday, as I am a bit away from civilization. Also I won’t be able to check here regularly for the same reason. I think I managed to cut his/her ties but I am open to suggestions for what else can be done.

I suppose I gotta get the old simcard back , get a new number and move accounts from old number to new number and hope im faster than them swapping my simcard again..

Thanks already