Buterin Revealed The Cause Of His X Account Hack
Ethereum co-founder Vitalik Buterin named the reason why hackers gained access to his page and defrauded his followers of $700,000.
Buterin posted on Farcaster that he had regained access to his T-Mobile provider page and confirmed speculation about SIM card swapping. He clarified that the provider itself had been compromised, which gave the attackers access to the phone number.
SIM swapping, also called simjacking, is a common attack method in which an attacker gains control of the owner's phone number and, through it, access to social media and banking apps. This is not the first time T-Mobile has faced this attack. In 2020, the company was sued after a user lost multi-million-dollar crypto assets as a result of his SIM card being compromised.
Meanwhile, Buterin pointed to a security flaw in the X platform itself, explaining that 2FA requires a phone number, and that the phone number alone is enough to reset the password. However, he also admitted that he was at fault for not taking the potential security issues seriously. He did not specify how the problem with deceived followers would be resolved.
After the incident, many prominent people once again spoke about how to protect oneself in such cases. Ethereum developer Tim Beiko recommended that users remove their phone numbers from their accounts on the platform. He also asked the platform's management to address the security issue.
Twitter opsec PSA:
If you have a phone number linked on your account, even with other 2FA, it can be used to reset your PW. Need to specifically disable it + remove phone #.
If your Twitter account pre-dates crypto, strongly recommend double-checking, and adding strong 2FA! pic.twitter.com/uXrvHYhQvJ
— timbeiko.eth ☀️ (@TimBeiko) September 9, 2023