Vitalik Buterin Confirms His X Account Was Hacked by SIM Swap

 

Vitalik Buterin, the founder of Ethereum, used social media to discuss the theft of his profile on X, formerly known as Twitter. The well-known cryptocurrency figure confirmed rumors that the account was the target of a SIM swap hack that allowed attackers to spread a crypto fraud that enticed victims with free digital goods.

"Yes, It Was a Sim Swap," Buterin Admits of the Hacking Technique Used to Access His X Profile

The well-known cryptocurrency figure Vitalik Buterin declared that he has regained control over the T-mobile account that was used to breach his X profile. On Warpcast, the app of the decentralized social media Farcaster, Buterin wrote, "Yes, it was a SIM swap, meaning that someone socially-engineered T-mobile itself to take over my phone number."

The Ethereum co-founder also talked about the lesson he took away from the incident: even if a phone number isn't used for two-factor authentication (2FA), it may still be used to reset a password for an account. Adding, "Can completely remove phone from Twitter," he acknowledged:

###

I had received the advise earlier that "phone numbers are insecure, don't authenticate with them," but I was unaware of this.###

Buterin said that he couldn't recall adding his phone number but assumed it was necessary to sign up for Twitter Blue, the X Premium subscription that is currently available. The Russian-Canadian entrepreneur continued, "Anyway, delighted to be on Farcaster, where my account recovery may be controlled by a good wholesome ethereum address:).

On Saturday, Dmitry Buterin, Vitalik Buterin's father, and other members of the cryptocurrency community alerted followers to a malicious tweet that appeared to have been made by scammers luring victims with free non-fungible tokens (NFTs), which led to the discovery that Buterin's X profile had been hacked.

Many X users in the crypto community believed Buterin had fallen victim to a SIM swap, a sort of attack in which an account is hijacked by taking advantage of a flaw in two-factor authentication where the second step is a text message delivered to the account holder's cellphone or a phone call.

Changpeng Zhao, founder and CEO of Binance, commented on the incident and urged everyone to adopt hardware 2FA for all bitcoin platforms. The chief executive of Binance tweeted, "Reminder to use hardware 2FA (Yubikey) for all crypto platforms," acknowledging that his own account has been frozen multiple times in the past due to hackers trying to brute-force it.

Have you given X access to your phone number? Describe it in the comments.