Ethereum co-founder Vitalik Buterin has addressed the security lapse that allowed unauthorised access to his account on X (formerly Twitter).
The incident, in which phishing links were posted from Buterin’s X account, has rekindled discussions about cybersecurity precautions.
Buterin’s security fumble
According to U.Today, hackers broke into Buterin’s X account and posted phishing links with the apparent intent of duping his followers.
According to accounts on social media, the malicious actors used a deceptive “commemorative” non-fungible token (NFT) scheme, which resulted in the theft of several NFTs.
Online users responded to the hack in a variety of ways, from parodies to serious discussions of how vulnerable even tech-savvy people are to cyber threats. Before Buterin’s statement, it was assumed that the hackers had broken into his account through a SIM swap.
SIM swaps and cyber traps
Later, Buterin took back control of his T-Mobile account and posted a clarification on his X account. Someone “socially engineered” T-Mobile in order to obtain his phone number, he said, confirming that the hack was the result of a SIM swap attack.
Buterin also warned about the weakness of using phone numbers for authentication. He said that a phone number may still be used to change a user’s password on X even if it is not used for two-factor authentication (2FA). Buterin said that he had been warned about using phone numbers for identification, but had disregarded the advice until this incident.
Because of the breach, Buterin has switched to Farcaster, a platform that offers increased security by tying account recovery to Ethereum addresses.
Although Buterin has switched to a more secure platform, the episode should serve as a lesson for both prominent individuals and everyday users in the crypto industry.