In a new article titled “A Hacker Got All My Texts for $16,” Vice reporter Joseph Cox detailed how the white-hat hacker—an employee at a security vendor—was able to redirect all of his text messages and then break into online accounts that rely on texts for authentication.
This wasn’t a SIM swap scam, in which “hackers trick or bribe telecom employees to port a target’s phone number to their own SIM card,” Cox wrote. “Instead, the hacker used a service by a company called Sakari, which helps businesses do SMS marketing and mass messaging, to reroute my messages to him.”
This method tricked T-Mobile into redirecting Cox’s text messages in a way that might not have been readily apparent to an unsuspecting user. “Unlike SIM jacking, where a victim loses cell service entirely, my phone seemed normal,” Cox wrote. “Except I never received the messages intended for me, but he did.”