After recovering his X (Twitter) account, Ethereum co-founder Vitalik Buterin let it be known that the hack of his account was achieved by way of a sim swap.
The hack
A hacker was able to steal almost $700,000 from X users who were taken in by Vitalik’s compromised account. A link on the profile page invited users to mint exclusive NFTs, and when they connected their wallets funds were stolen from their accounts.
Once Vitalik was able to regain control of his account he published on Warpcast an admittal that the hack was by way of his T-Mobile account, whereby the hacker took control of his phone number with a sim swap.
Removal of phone number tied to account
He also published advice to users on Warpcast in order to help them avoid the same thing happening to them.
“A phone number is sufficient to password reset a Twitter account even if not used as 2FA,”
He added that users can “completely remove [their] phone from Twitter.”
The ethereum co-founder was referring to X users going into their security settings and disabling their phone number from their accounts. Setting one's 2-factor authentication (2FA) is universally considered an excellent layer of security.
T-Mobile sim swap woes
T-Mobile has had its share of troubles over sim swap attacks which enable attackers to take control of victims’ phones and allow them access to social media, bank accounts, and crypto wallets.
Sim swaps using T-Mobile have resulted in millions of dollars in value being stolen from T-Mobile customers, who took the telecoms giant to court over the incidents.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.