A South Korean telecom giant has stated that SIM-swap-style crypto-currency attacks are on the rise in the country – and has predicted an uptick in all crypto-related cases this week. second half of 2022.
The statement was made by SK Shieldus, part of SK Group, which owns SK Telecom – one of the country’s two largest internet and mobile service providers. SK Shieldus, formerly ADT Caps, is one of the nation’s largest physical and internet security brands.
According to News1, the company claims that since January of this year, it has seen evidence of ongoing SIM-swapping attacks – with criminals specifically targeting mobile phone users with high hold cryptocurrencies.
The company added that this trend is likely to continue to increase in the coming months, and added that a recent attack on a decentralized finance (DeFi) protocol in the country has resulted in criminals earning about approx. 1.7 million USD.
Furthermore, the company added that notorious ransomware groups are carrying out “rebranding” efforts to avoid the attention of investigative agencies. SK Shieldus claims that these “rebranding” dynamics are a sign that such groups will “become more active.” Several groups, the company said, are currently preparing to “launch” “multiple attacks.“
SK Shieldus added that “hacking” attacks on some crypto targets will expand in H2, with more DeFi targets already in the criminals’ trail.
“We expect more attacks against virtual assets [generally],” the company stated.
It adds that lone wolf hackers are now a dying breed – and larger groups are now finding their way into space. One executive was quoted as explaining:
“In the past, hackers developed ransomware alone. But now they are systematically hiring malware developers. They are ready to share their earnings with these developers.”
The company concluded that companies should keep an eye on the LockBit ransomware gang, which began ramping up its operations in September 2019 – when it launched so-called ransomware-as-a-service (RaaS) operations.
Subsidiary SK claims that its data shows that LockBit is currently three times more active than other RaaS pools, including Conti and BlackCat.