The BlackCloak Threat Intelligence Team is currently observing and pinpointing new strategies deployed by cybercriminals targeting venture capital and private equity firms with investments in cryptocurrency. These malicious actors are not just focusing on the firms themselves but are extending their reach to individuals, their partners, and individual Limited Partners (LPs) involved in crypto funds or wallets.

Expanding Threats: Targeting the Venture Capital and Private Equity Spheres

Since the onset of 2024, BlackCloak has noted a significant uptick in activity indicating that cybercriminals are refining their strategies and now target individuals associated with venture capital and private equity firms, particularly those with investments in cryptocurrency. These malicious actors extend their reach beyond the firms to their partners and individual Limited Partners (LPs) involved with crypto funds or wallets.

These cybercriminals harvest personal information from data broker websites, obtaining the personal cell phone numbers and email addresses of their targets. They then ascertain the service provider and launch an attack on the individual’s cell phone carrier, attempting a SIM swap or port forwarding of the phone number.

What is SIM Swapping?

SIM swapping or port forwarding involves a bad actor convincing your mobile carrier to switch your phone number over to a SIM card they control. By diverting your messages and calls, they gain access to critical two-factor authentication (2FA) codes and can breach your cryptocurrency accounts with alarming ease.

A successful SIM swap allows these fraudsters to intercept text messages intended for 2FA, rerouting these messages to a device they control. This breach enables them to attempt to gain access to wallets or crypto accounts. Once inside, they can transfer the cryptocurrency, swiftly converting the digital assets into liquid form. This insidious method targets individuals known to be associated with the cryptocurrency sector, heightening the risk for those with personal investments in crypto.

The Impact of SIM Swapping Scams

The consequences of SIM swapping are severe. Victims find themselves locked out of their own devices and accounts, with their assets swiftly stolen. The lack of chargeback options in cryptocurrency transactions means that once stolen, these assets are often irretrievably lost. 

Our investigations have also uncovered that these cybercriminals are not limiting their targets to the venture capitalists alone but are extending their malicious activities to family members of the victims. This broadened scope of targeting suggests an attempt to siphon wealth from the families at large, exploiting these assets for their gain.

Our findings reveal that these cybercriminals are extracting personal information about these individuals from data broker websites, including their personal cell phone numbers and email addresses. With this information in hand, they determine the service provider of the target’s cell phone by examining phone records. The next step involves attacking the individuals’ cell phone carriers, attempting either a SIM swap or port forwarding of the phone number.


At BlackCloak, we are committed to staying ahead of these emerging threats and safeguarding our clients from such malicious activities. Our dedicated team continues to monitor, identify, and counteract these cybercriminal strategies to protect the investments and personal information of those within the venture capital and private equity sectors involved in cryptocurrency. Stay vigilant and stay protected with BlackCloak.