Ethereum (ETH) creator Vitalik Buterin says that hackers used a SIM-swap scam to take over his account on the social media platform X to commit theft.
In a new post on the decentralized social network Farcaster, Buterin says that whoever committed the offense took over his T-Mobile phone number.
“Finally got back my T-Mobile account (yes, it was a SIM-swap, meaning that someone socially engineered T-Mobile itself to take over my phone number).”
SIM swapping happens when scammers contact a mobile phone carrier and trick them into activating the scam target’s phone number on a SIM card that they have. Once they have the SIM card activated they attempt to use it to intercept two-factor authentication codes (2FA) for the person’s accounts.
After taking over Buterin’s X (previously known as Twitter) account, the fraudsters promoted a non-fungible token (NFT) scam and reportedly made off with $691,000.
“Main learning regarding Twitter was:
A phone number is sufficient to password reset a Twitter account even if not used as 2FA.
Can completely remove phone from Twitter.
I had seen the ‘phone numbers are insecure, don’t authenticate with them’ advice before, but did not realize this. I don’t remember when I *added* the number; my guess is that it was required to sign up for Twitter blue.”
He also says he’s happy to be using Farcaster because his account recovery can be controlled by an Ethereum address.
Farcaster co-founder Dan Romero welcomed Buterin to his platform last year.
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any loses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: Midjourney