{"id":59078,"date":"2023-09-12T06:20:26","date_gmt":"2023-09-12T10:20:26","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=59078"},"modified":"2023-09-12T06:21:31","modified_gmt":"2023-09-12T10:21:31","slug":"vitalik-buterin-x-account-hack-caused-by-sim-swap-attack","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/vitalik-buterin-x-account-hack-caused-by-sim-swap-attack\/","title":{"rendered":"Vitalik Buterin: X account hack caused by SIM-swap attack"},"content":{"rendered":"\n

The co-founder of Ethereum<\/a> has regained control of his T-Mobile account, verifying that a SIM-swap attack compromised his X account.<\/p>\n\n\n\n

\"Vitalik<\/figure>\n\n\n\n

Vitalik Buterin, the co-founder of Ethereum, has officially verified that the recent breach of his X (Twitter) account resulted from a SIM-swap attack.<\/p>\n\n\n\n

Buterin made this statement on the decentralized social media platform Farcaster\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a> on September 12th, revealing that he has successfully regained control of his T-Mobile account following the hacker's exploitation of a SIM swap attack.<\/p>\n\n\n\n

\n

\u201cYes, it was a SIM swap, meaning that someone socially-engineered T-mobile itself to take over my phone number.\u201d<\/p>\n<\/blockquote>\n\n\n\n

During his discussion, the Ethereum co-founder shared valuable insights and lessons from his encounter with the security breach.<\/p>\n\n\n\n

\"Vitalik
Source: Warpcast<\/em><\/figcaption><\/figure>\n\n\n\n
\n

\u201cI had seen the \u2018phone numbers are insecure, don't authenticate with them\u2019 advice before, but did not realize this.\u201d<\/p>\n<\/blockquote>\n\n\n\n

On September 9th, scammers took over Buterin's Twitter account, where they posted a fraudulent NFT<\/a> giveaway, enticing users to click on a malicious link. This scheme resulted in victims collectively losing over $691,000.<\/p>\n\n\n\n

On September 10th, Ethereum developer Tim Beiko strongly recommended the removal of phone numbers from Twitter accounts and emphasized the importance of enabling two-factor authentication (2FA).<\/p>\n\n\n\n

\n

Twitter opsec PSA:

If you have a phone number linked on your account, even with other 2FA, it can be used to reset your PW. Need to specifically disable it + remove phone #.

If your Twitter account pre-dates crypto, strongly recommend double-checking, and adding strong 2FA! pic.twitter.com\/uXrvHYhQvJ<\/use><\/svg><\/span><\/a><\/p>— timbeiko.eth (@TimBeiko) September 9, 2023<\/use><\/svg><\/span><\/a><\/blockquote>

Beiko urged platform owner Elon Musk to consider making 2FA a default setting, particularly for accounts with over 10,000 followers.<\/p>\n\n\n\n

A SIM-swap or simjacking attack is used by hackers to gain control of a target's mobile phone number.<\/p>\n\n\n\n

By hijacking the phone number, scammers can exploit two-factor authentication (2FA) to access social media, banking, and cryptocurrency accounts.<\/p>\n\n\n\n

This incident is not the first instance involving T-Mobile and such attack vectors.<\/p>\n\n\n\n

In 2020, the telecommunications giant faced legal action for allegedly facilitating the theft of $8.7 million worth of cryptocurrency through a series of SIM-swap attacks.<\/p>\n\n\n\n

T-Mobile was embroiled in another lawsuit in February 2021 when a customer lost $450,000 in Bitcoin<\/a> due to another SIM-swap attack.<\/p>\n","protected":false},"excerpt":{"rendered":"

The co-founder of Ethereum has regained control of his T-Mobile account, verifying that a SIM-swap attack compromised his X account. Vitalik Buterin, the co-founder of Ethereum, has officially verified that the recent breach of his X (Twitter) account resulted from a SIM-swap attack. Buterin made this statement on the decentralized social media platform Farcaster on […]<\/p>\n","protected":false},"author":56,"featured_media":59082,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[21],"tags":[710,12002,12490,16400,482,4457],"class_list":["post-59078","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-business","tag-hacks","tag-scams-2","tag-sim-card","tag-twitter","tag-vitalik-buterin"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/09\/20200511_Vitalik-Buterin-ETH-Ethereum-1200x675-1.webp","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/59078","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/56"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=59078"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/59078\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/59082"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=59078"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=59078"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=59078"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}