Conversation

PSA: I was hacked (3k USD + private data). Apple ID 2FA was bypassed. Avoid SMS 2FA. Avoid iCloud. Avoid hot keys. Rotate your passwords. I wrote a detailed post on what, when & how this happened. Investigation is still in progress Stay safe!

ksaitor.medium.com

How I got hacked, lost crypto and what it says about Apple’s security. Part 1

I was hacked. The attacker gained access to several of my accounts (Apple Cloud, Yahoo, Gmail, Telegram), found private keys, mnemonic…

Raman Sha

@ksaitor

Oct 26, 2020

HN discussion: news.ycombinator.com/item?id=248852

Jesse Powell

@jespow

Oct 26, 2020

Do you have Continuity enabled? Seems like a sim clone, ss7 or other form of intercept by an app on your phone or on your computer (if your computer has access to your sms).

Raman Sha

@ksaitor

Oct 26, 2020

Yep. Continuity was enabled. That's one of my top suspects as well. I was miles away from my home WiFi, though. I thought when you are SIM cloned, only one SIM would be receiving the comms from cell towers. No? I was receiving SMS and calls.

Jesse Powell

@jespow

Replying to

@ksaitor

Are you sure you got 100% of the messages? It could be back and forth with you getting some and then getting some but SIM clone is least likely IMO. One other potential vector is the telco. Could be sms forwarding enabled by them/rogue employee.

6:53 AM · Oct 26, 2020Twitter for iPhone

Replying to

Can't be 100% sure in anything… But I'm ~80% sure.