In recent days, several politicians have suffered the same computer incident: for a few hours or a few days They were without a phone line. Their cell phone said “emergency calls only” and they couldn’t understand what was happening to them. The first to suffer was Nicolas KreplakMinister of Health of the Province of Buenos Aires to whom one of the first warnings came from a Posting on his own Twitter account “Everyone who received the vaccine today at 00 will become robots”. Of course, it was not him who had written this message.
Strictly speaking, Kreplak detailed to LA NACION that, as he was able to find out, someone asked for a chip in your name (the SIM card that is inside the phone and that connects the device to the line), and that for this reason the SIM card that he had in his mobile phone has been deactivated; From there, the attackers were able to access their Twitter account, which has the ability to recover the username and password by sending a password to the cellphone.
In one thread on twitter, after recovering his account, explained, “On Wednesday they hacked into my phone line and accessed social media accounts and emails. They tweeted irrationalities and tried to upload all the information everyone has in their emails today. We acted quickly and they didn’t finish it,” said the minister, who has Movistar as a telephone operator.
But far from being the only ones to whom it happened, they experienced similar situations this week. Sabine Fredericformer Minister of Security (currently at the Ministry of Foreign Affairs), Myriam Bregmannnational deputy of the Left Front, and Mara Brawer, member of the Front de Tous. The latter two commented on their coincidence last Tuesday in the committee debating the new rental law in Congress.
Frédéric discovered it on Saturday afternoon when he ran out of data outside his home.. Once connected to a Wi-Fi network, at 11 p.m., she realized that her Twitter account had been “spoofed”. I activated the two-factor authentication, but with the ability to text a code over your line (which was now in someone else’s hands). This is how the attackers were able to enter. Frédéric contacted the telephone company and there they detected the problem. “Sabina, I see you did a chip change yesterday…” they told her. Frederic replied that he had made no changes. “Then he asks me to take the chip out and take a picture of it, then he tells me the chip was stolen,” he described. Having access to his line, they also found a way to whitewash the password and get into his email account. “When I went to Movistar’s commercial office, they explained to me that they had had other cases,” he told LA NACION. Finally, he reported the incident to the Federal Police Technology Crime Division.
to the deputy Mara Brawer received an email alert from Movistar informing her that her current SIM card had been deactivated and that they had activated a new one. “It gave me the option to overturn the decision by appealing, which I did,” he says. But the next day, he lost his line. From that moment he lost access to his Instagram and Twitter account. The first picked her up, but she still has trouble getting to the second.
Myriam Bregman, meanwhile, explained on Twitter that she had been left without a line for the second time in a week.. “Again they left me without a phone line, for the second time in a week. There are other hacking attempts on our accounts. It’s scandalous. It’s also that @MovistarArg doesn’t do anything. A shame. It seems our complaints are disturbing,” he said.
Kreplak and Frederic, Brawer and Bregman have both confirmed that they have activated the two step verification on whatsapp (requires the entry of a password, in addition to the PIN code sent by SMS), which prevented them from losing their identity in the messaging app, which would have allowed attackers to talk to their contacts, impersonating them (usually to ask for money).
What happened to politicians is known as SIM card exchange (SIM card change, in English). Abusers buy a chip in the name of the victim, somehow proving that they are the owners of this line. By activating the new SIM, they deactivate the previous one, a legitimate action in the event of loss or theft of the mobile phone, or deterioration of the original SIM.
By transferring the line to the new SIM card, they receive all calls and SMS; so that they can use this captured line to receive verification messages which are used for social networks, whatsapp, some email accounts or even banks when operating through the internet. With this verification by SMS and after taking over the line, they have everything to prove that they are the owners of this online account.
For this reason, it is ideal not to use a text message sent to the mobile phone as a method of recovering passwords or as a second factor of authentication. Instead, it’s better to use apps like Google Authenticator, which provide codes in the application to prove identity in case of connection, or activate the entry of a second password that is only in our memory, as is what WhatsApp offers. In case we run out of mobile phone line, it is important to check as soon as possible with the operator if it is a technical problem or if we have been victims of this type of attack (c ie if someone has requested a replacement SIM card in our name).
In these four cases it is the same company concerned: it is Movistar which has accepted the request to change the SIM of a line by people who were not the owners. In regards to, of the company, they indicated that they have “identity validation and authentication processes of all people users of our service, which are constantly reviewed with companies specializing in the data security industry”. But they explained that “when this information reaches malicious people, through data phishing, a practice outside the company, identity theft can occur”. And they argued that “we work daily with the attention paid to updating prevention tools that help avoid this type of scam”.