In response to a recent SIM hacking incident involving South Korea’s leading telecom provider SK Telecom (SKT), major domestic cryptocurrency exchanges have urgently advised their users to enhance account security measures.
On April 19, SKT detected signs of a security breach in which malicious code led to the potential leakage of some users’ SIM (USIM) information. The compromised data is believed to include International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), and USIM authentication keys. However, the company clarified that personal information such as names, resident registration numbers, and addresses remains secure, as they are stored separately from SIM-related data.
In light of growing concerns over SIM swapping—a tactic in which attackers clone SIM cards to hijack calls and messages, thereby gaining unauthorized access to digital asset accounts—exchanges including Upbit, Bithumb, Coinone, Korbit, and GOPAX have issued coordinated security advisories. Recommended actions include account lock settings, enrollment in SIM protection services, and enabling SIM PIN codes.
Each exchange has detailed its respective procedures:
-
Upbit: Users may request an account lock via a 24-hour customer support hotline. Both the account owner and a third party may initiate the lock, but identity verification is mandatory for unlocking.
-
Bithumb: Account lock can be activated through the “Security Center” menu within the website or app. Anomaly detection systems are also in place to monitor cloned device activity.
-
Coinone / GOPAX: Users can directly enable account protection through menu options within each platform.
-
Korbit: Protection is activated via a secure link sent when logging in from a new device.
SK Telecom emphasized that SIM cloning alone does not enable access to cryptocurrency or financial assets, noting that critical elements like OTP codes and authentication credentials are required for transactions. “Even if a hacker attempts to reboot a device or initiate SIM swapping, asset theft is not possible without additional steps,” the company stated. SKT also recommends users activate SIM protection services and set up SIM PIN codes as an added layer of security.
This incident underscores the need for strong user awareness and proactive measures in securing digital assets. Experts stress that the responsibility of safeguarding accounts lies not only with service providers but also with individual users taking preventive action.
