Vitalik Buterin, the co-founder of Ethereum, has responded to a recent security breach that led to unauthorized access to his account on X, formerly known as Twitter.
This incident has reignited discussions about cybersecurity and the vulnerabilities faced by individuals, even those well-versed in technology.
Hackers gained unauthorized entry to Buterin’s X account and proceeded to post phishing links, seemingly aimed at scamming his followers.
The cybercriminals employed a deceptive “commemorative” non-fungible token (NFT) scheme, resulting in the theft of multiple NFTs, as reported on social media.
The hacking incident sparked diverse reactions online, ranging from humorous memes to serious discussions about the susceptibility of tech-savvy individuals to cyber threats.
Initially, there was speculation that the hackers had exploited a SIM swap vulnerability to compromise Buterin’s account.
Vitalik Buterin has since regained control of his T-Mobile account and clarified the situation through his X account. He confirmed that the hacking incident was indeed a result of a SIM swap attack, where the perpetrators “socially engineered” T-Mobile to gain access to his phone number.
Buterin also emphasized the vulnerability of phone numbers as an authentication method: even if a phone number is not used for two-factor authentication (2FA), it can still be used to reset the account password on X.
In retrospect, Buterin admitted that he had been advised against using phone numbers for authentication but had not heeded the warning until this incident occurred.
In response to the hack, Buterin has taken steps to enhance his security. He has transitioned to Farcaster, a platform where account recovery is tied to Ethereum addresses, providing an added layer of security.