Twitter Account Hack: Ethereum’s Vitalik Buterin Falls Victim to SIM-Swap Attack

In a candid revelation, Ethereum co-founder Vitalik Buterin disclosed that the recent hack of his account on X (formerly Twitter) was the result of a SIM-swap attack. Speaking on the decentralized social media platform Farcaster on September 12, Buterin shed light on the incident and offered some lessons learned.

SIM-Swap Attacks on the Rise: Telecom Companies under Scrutiny

A SIM-swap attack, also known as simjacking, is a tactic employed by hackers to seize control of a victim’s mobile phone number. Once in possession of the phone number, scammers can exploit two-factor authentication (2FA) to access social media accounts, banking services, and cryptocurrency holdings.

Buterin’s revelation serves as a stark reminder of the evolving threats in the digital age and the importance of safeguarding personal information and online accounts from potential vulnerabilities. It additionally calls for increased vigilance among both individuals and service providers to fortify security measures against these types of cyberattacks.

The Vulnerability of Phone Numbers: Password Reset for X Accounts

Buterin explained that the attacker executed a SIM-swap attack by socially engineering T-Mobile, the mobile service provider. This manipulation allowed the hacker to gain control of Buterin’s phone number, which subsequently led to the compromise of his X account.

He emphasized the inherent vulnerability of using a phone number for password recovery on social media platforms, even when it’s not utilized for two-factor authentication (2FA). Buterin’s experience underscored the importance of users taking proactive measures to protect their online accounts.

“A phone number is sufficient to password reset a Twitter account even if not used as 2FA,” Buterin warned, adding that users have the option to “completely remove [a] phone from Twitter.” This revelation highlights a critical security flaw that many may not have been aware of.

The hacking incident, which transpired on September 9, involved scammers taking control of Buterin’s Twitter account and conducting a fraudulent NFT giveaway. Users were prompted to click on a malicious link, resulting in collective losses exceeding $691,000.

T-Mobile Faces Lawsuit over SIM-Swap Attack Leading to $450,000 Crypto Theft

Notably, this is not the first time that T-Mobile has been associated with such attacks. Finance Magnates reported earlier that a victim of cryptocurrency theft resulting from a SIM-swap attack has taken legal action against U.S. cell phone carrier T-Mobile, alleging negligence in preventing such scams. According to court documents filed recently, Calvin Cheng, the plaintiff, suffered the loss of 15 Bitcoins valued at over $450,000 due to the attack.

The lawsuit has accused T-Mobile of systemic and repeated failure to safeguard its customers’ sensitive personal and financial information against foreseeable attempts to obtain this data illegally. Cheng’s case involved a perpetrator impersonating Brandon Buchanan, the Co-Founder of investment fund Iterative Capital, who had also fallen victim to a SIM-swap attack.

The lawsuit highlights that SIM-swap attacks are a well-known method used to gain access to victims’ phones, yet T-Mobile allegedly lacked security measures to prevent such incidents. Notably, AT&T, another major U.S. cell phone service provider, has faced similar legal challenges over SIM-swap attacks, and the lawsuit against T-Mobile reflects a growing concern over the responsibility of telecom companies in preventing these increasingly prevalent cybercrimes.

This article was written by Tareq Sikder at www.financemagnates.com.
