Ethereum founder Vitalik Buterin took to social media to share details about the hacking of his profile on X, formerly Twitter. The influential crypto figure confirmed suspicions that the account was targeted in a SIM swap attack, which allowed the perpetrators to promote a crypto scam that enticed victims with free digital collectibles.
‘Yes, It Was a Sim Swap’ — Buterin Reveals Hacking Method Employed to Breach His X Profile
Crypto celebrity Vitalik Buterin announced he has reestablished control over the T-Mobile account that was used to compromise his profile on X. “Yes, it was a SIM swap, meaning that someone socially-engineered T-Mobile itself to take over my phone number,” Buterin posted on Warpcast, the app of the decentralized social network Farcaster.
The co-founder of Ethereum also highlighted what he learned from the incident — a phone number is sufficient to reset the password of an X account even if it’s not used for two-factor authentication (2FA). “Can completely remove phone from Twitter,” he added and admitted:
I had seen the ‘phone numbers are insecure, don’t authenticate with them’ advice before, but did not realize this.
Buterin also noted he did not remember when he added his number, supposing it was required to sign up for Twitter Blue, now the X Premium subscription. “Anyway, glad to be on Farcaster, where my account recovery can be controlled by a good wholesome ethereum address :),” the Russian-Canadian entrepreneur concluded.
News that Vitalik Buterin’s X profile had been hacked broke on Saturday, when his father, Dmitry, and other members of the crypto community warned followers about a malicious tweet apparently posted by crypto scammers who lured victims with free non-fungible tokens (NFTs).
A number of X users from the crypto space suspected that Buterin had become the victim of a SIM swap, a type of hack in which an account is taken over by exploiting a weakness in two-factor authentication where the second step is a text message or a phone call to the account holder’s device.
Commenting on the hack, Binance founder and CEO Changpeng Zhao called on everyone to use hardware 2FA for all cryptocurrency platforms. “Reminder to use hardware 2FA (Yubikey) for all crypto platforms,” Binance’s chief executive tweeted, admitting that his own account has been locked on several occasions in the past because hackers were attempting to brute-force it.