skip to Main Content
bitcoin
Bitcoin (BTC) $ 96,985.99 1.93%
ethereum
Ethereum (ETH) $ 3,321.36 4.68%
tether
Tether (USDT) $ 1.00 0.09%
solana
Solana (SOL) $ 246.55 6.10%
bnb
BNB (BNB) $ 649.24 4.19%
xrp
XRP (XRP) $ 1.35 13.60%
dogecoin
Dogecoin (DOGE) $ 0.411363 11.74%
usd-coin
USDC (USDC) $ 1.00 0.02%
cardano
Cardano (ADA) $ 0.976731 11.85%
staked-ether
Lido Staked Ether (STETH) $ 3,321.71 4.67%

Vitalik Buterin reveals X account hack was caused by SIM-swap attack

The Ethereum co-founder has regained control of his T-Mobile account, confirming that a SIM-swap attack resulted in the hack of his X account.

698 Total views

13 Total shares

Vitalik Buterin reveals X account hack was caused by SIM-swap attack

Ethereum co-founder Vitalik Buterin has confirmed that the recent hack of his X (Twitter) account was the result of a SIM-swap attack.

Speaking on the decentralized social media network Farcaster on Sept. 12, Buterin said that he has finally recovered his T-Mobile account after the hacker managed to gain control of it via a SIM swap attack.

“Yes, it was a SIM swap, meaning that someone socially-engineered T-mobile itself to take over my phone number.”

The Ethereum co-founder added some lessons and learnings from his experience with X.

Vitalik Buterin confirms how his X account was accessed by hackers. Source: Warpcast

“A phone number is sufficient to password reset a Twitter account even if not used as 2FA,” he said, adding that users can “completely remove [a] phone from Twitter.”

“I had seen the ‘phone numbers are insecure, don’t authenticate with them’ advice before, but did not realize this.”

On Sept. 9, Buterin’s X account was taken over by scammers who posted a fake NFT giveaway prompting users to click a malicious link which resulted in victims collectively losing over $691,000.

Related: How easy is a SIM swap attack? Here’s how to prevent one

A SIM-swap or simjacking attack is a technique used by hackers to gain control of a victim’s mobile phone number. With control of the number, scammers can use two-factor authentication (2FA) to access social media, bank, and crypto accounts.

It is not the first time T-Mobile has been involved in this type of attack vector. In 2020, the telecoms giant was sued for allegedly enabling the theft of $8.7 million worth of crypto in a series of SIM-swap attacks.

Magazine: How to protect your crypto in a volatile market: Bitcoin OGs and experts weigh in

Loading data ...
Comparison
View chart compare
View table compare
Back To Top