In recent conversations on the decentralized social media network Farcaster, Ethereum (ETH) co-founder Vitalik Buterin confirmed that he has regained control of his T-Mobile account after hackers hijacked his X account via a SIM swap attack.
On September 12, Vitalik Buterin affirmed that he had finally recovered his T-Mobile account after hackers gained control of his X (formerly Twitter) account and stole more than $691,000 by posting a malicious phishing link that gained access to people’s wallets. He noted,
“Finally got back my T-mobile account. Yes, it was a sim swap, meaning that someone socially-engineered T-mobile itself to take over my phone number.”
For the uninitiated, a SIM swap attack, also known as a SIM intercept attack, is a form of identity theft in which an attacker convinces a cell phone carrier to switch a victim’s phone number to a new device in order to gain access to bank accounts, credit card numbers and other sensitive information. In a nutshell, it occurs when the device tied to a customer’s phone number is fraudulently changed.
ETH co-founder Vitalik Buterin’s X Account Compromised
In his conversation on Farcaster, the Ethereum co-founder shared some lessons from the experience. Vitalik Buterin wrote, “a phone number is sufficient to password reset a Twitter account even if not used as 2FA. Can completely remove phone from Twitter,” adding,
“I had seen the ‘phone numbers are insecure, don’t authenticate with them’ advice before, but did not realize this.”
On September 9, Vitalik Buterin experienced a security breach of his X account after falling for a deceptive link. The hacker shared a malicious link offering an alleged free commemorative nonfungible token (NFT), luring victims to connect their wallets and ultimately leading to the theft of their funds. The fake NFT mint had a 24-hour time limit, urging victims to act quickly.
Following the attack, a user took to X, claiming Buterin’s negligence led to the attack and therefore the Ethereum co-founder “should take accountability” and “compensate those affected.” The user wrote,
“(Vitalik Buterin) you have more than enough personal wealth to make affected users whole. If the founder of any other tradfi platform posted links that resulted in fraud, that platform would be obligated to do the same, or risk facing a class action lawsuit.”
I hate to be the one to say it, but Vitalik should take accountability for his poor op-sec and compensate those affected.
I understand users have a responsibility to be wary of all links and that they ultimately connected their wallets irresponsibly; but can we blame them…
— ʞɔɐſ (@satoshi_767) September 10, 2023
X is the Breeding Ground for Crypto Scammers
In recent times, X has emerged as a breeding ground for crypto scammers, who create fake accounts, impersonate big projects and deploy several other malicious tactics to lure investors and loot customer funds.
In control of my twitter again
Appreciate everyone who helped out tonight, and the effort people put in to help with takedowns, warnings, etc
Will follow up with updates when ready https://t.co/t6WCAWOYlP
— hayden.eth 🦄 (@haydenzadams) July 21, 2023
Recently, Hayden Adams, the founder of the Uniswap decentralized exchange, lost access to his Twitter handle for a while, courtesy of unidentified crypto scammers. Once the hackers had breached Adams’ account, they tweeted out malicious links aimed at luring unsuspecting individuals into clicking on them.
1/ The @kucoincom handle was compromised for about 45 mins from 00:00 Apr 24 (UTC+2). A fake activity was posted and unfortunately led to asset losses for several users. KuCoin will fully reimburse all verified asset losses caused by the social media breach and the fake activity.
— KuCoin (@kucoincom) April 24, 2023
In June, OpenAI CTO Mira Murati’s X account was reportedly hacked by crypto scammers, who promoted a fake crypto airdrop via the verified account. Furthermore, in April, Singapore-based cryptocurrency exchange KuCoin said its Twitter account was hacked, allowing scammers to promote a fraudulent giveaway, which resulted in the theft of more than $22,600 worth of digital assets.
🚨 Twitter account belonging to OpenAI CTO Mira Murati got hacked by crypto scammers 🚨 pic.twitter.com/k3oWsDo3cI
— John Jmz (@johnj1138) June 2, 2023