Hack On Kroll Leads To Phishing Attacks

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Kroll suffered a hack that led to the personal information of customers who use FTX, BlockFi, and Genesis.

The company both provides cybersecurity consulting and gathers creditor claims on behalf of bankrupt companies. At that moment, they were working with those three bankrupt cryptocurrency platforms when they noticed an attack.

“A cyber threat actor targeted a T-Mobile US., Inc. account belonging to a Kroll employee in a highly sophisticated “SIM swapping” attack,” said an advisory posted by Kroll. “Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee’s phone number to the threat actor’s phone at their request.”

This SMS scam allows hackers to activate a SIM card on their own device using a victim’s phone number. Once activated, they can intercept their calls, texts, and important messages.

While the full scope of what detail was obtained and how severe the hack was, Kroll stated that there was no evidence other systems had been affected.

Kroll also responded quickly, securing the affected accounts and working with the Federal Bureau of Investigation (FBI) to launch a full investigation into what happened.

Hackers have already begun impersonating FTX employees through malicious phishing emails, claim several X users, who posted pictures of fraudulent emails wanting users to connect their cryptocurrency wallets to a third-party source.

“FTX has taken the precautionary measure of temporarily freezing affected user accounts within the customer claims portal,” explains FTX in a recent post on X.

Kroll ends its security advisory by reminding customers that you should never share your private crypto keys, passwords, or personally identifiable information with strangers, even if they claim to represent someone you may know.

You should also be especially wary of suspicious links to external sources, often times just clicking the link can begin installing malware on your device.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.

Leave a Comment