Hackers Who Found 33 Million Phone Numbers May Attack Cryptocurrency Investors

Hackers who captured more than 30 million phone numbers can target cryptocurrency investors.

Last week, a hacker claimed to have stolen 33 million phone numbers from US messaging giant Twilio. Twilio confirmed that “threat actors” were able to identify phone numbers of people using Authy, the popular two-factor authentication app that Twilio uses.

Authy is one of the most used two-factor applications after Google Authenticator. Authy is also widely used by cryptocurrency investors.

The hacker or hackers known as ShinyHunters wrote on a well-known hacker forum that they hacked Twilio and captured the mobile phone numbers of 33 million users.

They can carry out phishing attacks

“The company determined that threat actors were able to detect data associated with Authy accounts, including phone numbers, due to an unauthorized endpoint,” Twilio spokesperson Kari Ramirez said. "We have taken action to secure this endpoint and are no longer accepting unauthorized requests."

“We have seen no evidence that threat actors gained access to Twilio's systems or other sensitive data,” Ramirez said. "As a precaution, we ask all Authy users to upgrade to the latest Android and iOS version of the application and to be careful and increase their awareness against phishing and smishing attacks," he wrote.

Hackers can attack the owners of these phone numbers in different ways.

According to Rachel Tobac, CEO of SocialProof Security, attackers can perform phishing attacks by reaching people whose phone numbers they know as if they are Authy/Twilio officials. "It can increase the credibility of hishing attacks."

Stay tuned for new information