Ethereum co-founder Vitalik Buterin has confirmed that he was targeted in a SIM-swap attack, resulting in the recent hack of his Twitter account. Speaking on the decentralized social media network Farcaster, Buterin revealed that he has managed to regain control of his T-Mobile account after the hacker orchestrated the attack. Buterin explained, “Yes, it was a SIM swap, meaning that someone socially-engineered T-mobile itself to take over my phone number.”
Buterin also shared some valuable lessons from his experience. He pointed out that a phone number alone is enough to reset a Twitter account password, even without being used for two-factor authentication (2FA). As a precaution, he advised users to “completely remove [their] phone from Twitter.” He admitted that he had seen advice about the insecurity of phone numbers before but didn’t fully realize the implications until now.
The attack on Buterin’s Twitter account occurred on September 9, with scammers using it to post a fake NFT giveaway and deceive users into clicking on a malicious link. As a result, victims lost a total of over $691,000. Following the incident, Ethereum developer Tim Beiko strongly recommended that users remove their phone numbers from their Twitter accounts and enable 2FA. He suggested that having 2FA enabled should be the default setting, especially for accounts with a considerable number of followers.
The SIM-swap attack is a technique commonly employed by hackers to gain control over a victim’s mobile phone number. With control over the number, scammers can bypass 2FA and access social media, banking, and cryptocurrency accounts.
This is not the first time T-Mobile has been associated with this type of attack. In 2020, the telecoms giant faced a lawsuit for allegedly enabling the theft of $8.7 million in crypto through a series of SIM-swap attacks. T-Mobile was sued again in February 2021 when a customer lost $450,000 worth of Bitcoin due to another SIM-swap attack.
It is crucial for users to be aware of the risks associated with SIM-swapping and take necessary precautions to protect their accounts. By removing phone numbers from online platforms and using robust 2FA methods, individuals can enhance their security and minimize the chances of falling victim to such attacks.
– Warpcast: Vitalik Buterin’s statement
– Twitter (Tim Beiko): Tim Beiko’s recommendation
– SIM-swap attack prevention: Tips on preventing SIM-swap attacks
– T-Mobile’s involvement in SIM-swap attacks: T-Mobile’s previous lawsuit and another lawsuit
❗Follow us on Twitter to get all the latest crypto news as soon as they're out! 🚀