{"id":49548,"date":"2019-11-04T10:18:00","date_gmt":"2019-11-04T08:18:00","guid":{"rendered":"https:\/\/ethereumworldnews.com\/?p=49548"},"modified":"2019-11-04T10:19:40","modified_gmt":"2019-11-04T08:19:40","slug":"bittrex-now-also-a-target-a-100-bitcoin-btc-sim-hack-lawsuit","status":"publish","type":"post","link":"https:\/\/ethereumworldnews.com\/bittrex-now-also-a-target-a-100-bitcoin-btc-sim-hack-lawsuit\/","title":{"rendered":"Bittrex Now Also a Target of a 100 Bitcoin (BTC) SIM Hack Lawsuit"},"content":{"rendered":"

Digital asset exchange Bittrex is reportedly being sued over a SIM swap-related incident that allowed hackers to steal 100 Bitcoin (BTC), which are valued at around $1 million at current market prices.<\/span><\/p>\n

The case appears to be quite similar to other recent incidents in which a bad actor gains control of a user\u2019s cell phone in order to steal cryptocurrency from their online wallets. The swap was reportedly from telecom giant AT&T, the funds were withdrawn from Bittrex, and the hacker allegedly managed to gain control over the user\u2019s online identity.<\/span><\/p>\n

The hack allegedly carried out against Gregg Bennett, an angel investor residing in Seattle, has not yet been resolved by officials, as other incidents have before being disclosed publicly in court filings.<\/span><\/p>\n

Bennett filed a lawsuit in Washington state\u2019s King County Superior Court, in which he claims that Bittrex did not abide by its own security measures, while also failing to meet industry standards. This led to the high-stakes theft, Bennett alleged.<\/span><\/p>\n

He further noted that Bittrex\u2019s management failed to take action as the April 15, 2019 hack was taking place. The exchange did not respond in a timely manner, even though Bennett says he informed the company directly.<\/span><\/p>\n

The Department of Financial Institutions, the financial legal examiner for the Washington state regulator that addresses complaints from consumers, stated that Bittrex failed to \u201ctake reasonable steps to respond\u201d to Bennett\u2019s message and \u201cappears\u201d to have not honored its own terms of service, <\/span>according<\/span><\/a> to an August 30, 2019 letter.<\/span><\/p>\n

Although several legal entities were informed, they have not yet decided to take up criminal charges in the matter. Moreover, the whereabouts of Bennett\u2019s stolen digital currency are currently unknown.<\/span><\/p>\n

Bittrex CEO Bill Shihara stated the exchange operator has implemented proper security measures, which can effectively prevent account hacks. These security measures include two-factor authentication (2FA) and email verification when an unfamiliar IP address attempts to sign-in to a user account.<\/span><\/p>\n

Shihara noted that these \u201cspeed bumps\u201d could lead to a few user complaints, however, \u201cthey actually save a lot of accounts from being hacked.\u201d<\/span><\/p>\n

Shihara also warned that a user\u2019s email can also get hacked, so a person\u2019s phone should not be trusted as the last security stop. This, as once a victim\u2019s phone has been taken over, hackers can usually get access to all their accounts, Shihara explained.<\/span><\/p>\n

He added: <\/span><\/p>\n

\u201cI think this is a problem that requires a lot of solutions and a lot of layers of security. And unfortunately one of the mantras that we use and often publish articles about is that ultimately you can\u2019t trust your phone. You have to be aware that you could lose control of your phone.\u201d<\/span><\/em><\/p><\/blockquote>\n

Bennett also believes that his hack was most likely \u201can inside job,\u201d as he thinks that the PIN associated with his account and the social security number linked to the account were changed, which suggests that someone at AT&T could have played a role in the incident.<\/span><\/p>\n

AT&T has not specifically been mentioned in Bennett’s case, although it remains the focus of similar lawsuits initiated by Michael Terpin and Seth Shapiro.<\/span><\/p>\n

Bennett\u2019s case mainly focuses on the security issues on Bittrex\u2019s trading platform, but he acknowledged that the door stayed wide open. He warned: <\/span><\/p>\n

\u201c[AT&T] will not escape my wrath.\u201d<\/span><\/em><\/p><\/blockquote>\n

AT&T representative Jim Greer stated he was only able to repeat his previous responses to the SIM-swapping incidents. That being, customers must not depend on their mobile phones for the security of their accounts.<\/span><\/p>\n

Greer stated: <\/span><\/p>\n

\u201cFraudulent SIM swaps are a form of theft committed by sophisticated criminals. We are working closely with our industry, law enforcement and consumers to stop and prevent this type of crime.\u201d\u00a0<\/span><\/em><\/p><\/blockquote>\n

Bennett noted that Bittrex\u2019s management should have been able to figure out that something was not right.<\/span><\/p>\n

The security breaches had been initiated from an IP address in Florida and from an NT operating system, Bennett pointed out. He also mentioned that he had not used either of them, which should make it clear that he was not the one trying to gain access to the account.<\/span><\/p>\n

Bennett claims in the lawsuit that the criminals stole 100 BTC from his account, which is the maximum daily withdrawal permitted. He also says that the hackers sold off a significant amount of his crypto at below-market prices, while also converting the stolen funds into a further 30 bitcoins and running off with it.<\/span><\/p>\n

The hackers also came back the next day for 35 bitcoins that were remaining, however, Bennett said he had finally managed to get Bittrex to close his account and the unauthorized transactions.<\/span><\/p>\n

Bennett\u2019s lawsuit claims that Bittrex did not adhere to established industry security protocols in his case.<\/span><\/p>\n

Bennett\u2019s lawyers said Bittrex should have placed a 24-hour withdrawal hold following a password change, which is standard practice.<\/span><\/p>\n

Bennett remarked: <\/span><\/p>\n

\u201cWhat I fault Bittrex for is their inability to see obvious suspicious activity.\u201d<\/span><\/em><\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"

Digital asset exchange Bittrex is reportedly being sued over a SIM swap-related incident that allowed hackers to steal 100 Bitcoin (BTC), which are valued at around $1 million at current market prices. The case appears to be quite similar to other recent incidents in which a bad actor gains control of a user\u2019s cell phone in order to steal cryptocurrency from their online wallets. The swap was reportedly from telecom giant AT&T, the funds were withdrawn from Bittrex, and the […]<\/p>\n","protected":false},"author":46,"featured_media":49550,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,828],"tags":[2651,7327,973,7328,6483,564,425,7280],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/posts\/49548"}],"collection":[{"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/users\/46"}],"replies":[{"embeddable":true,"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/comments?post=49548"}],"version-history":[{"count":0,"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/posts\/49548\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/media\/49550"}],"wp:attachment":[{"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/media?parent=49548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/categories?post=49548"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ethereumworldnews.com\/wp-json\/wp\/v2\/tags?post=49548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}