Vitalik Buterin Hacked: SIM Swap Behind $691,000 Theft

Vitalik Buterin, the co-founder of Ethereum, recently disclosed that his X account had been hacked.

He made this revelation on Farcaster, a decentralized social media platform, on September 12th, stating that he fell victim to a SIM swap attack.


Details of the $691,000 Heist

On September 9th, malefactors gained control over Buterin's X account, promoting a fraudulent link that claimed to introduce commemorative non-fungible tokens (NFTs) by software giant Consensys.

This deceptive link led to the theft of $691,000 in assets from several of Buterin's 4.9 million followers who believed they were acquiring genuine commemorative NFTs.

An X platform user, Satoshi_767, suggested that the breach was a result of a SIM swap attack, a method where hackers seize a victim's mobile number to gain unauthorized access to various accounts.

However, this hypothesis faced skepticism from ZachXBT, an on-chain detective, who believed that Buterin's stature in the crypto realm made him susceptible to diverse attack vectors.

Buterin later confirmed on Farcaster that the breach was indeed a SIM swap attack and that he had regained control of his T-Mobile account.

Buterin also cautioned users to unlink their phone numbers from X, emphasizing that phone numbers alone could facilitate password resets, thereby bypassing two-factor authentication (2FA) safeguards.


Rising Trend of SIM Swap Attacks

Buterin's ordeal is a testament to the escalating number of SIM swap attacks targeting crypto enthusiasts and industry leaders. In a similar incident in August, Bart Stephens, the co-founder of Blockchain Capital, lost assets worth over $6.3 million due to a SIM swap attack. The Gutter Cat Gang NFT initiative also suffered a setback in July when they lost control of their X account, resulting in a loss of NFTs valued at $765,000.


ZachXBT highlighted the severity of the issue, noting that in the past four months, a staggering $13.3 million was lost in 54 separate SIM swap attacks. He also criticized the 2FA system, advocating for the adoption of authenticator apps or security key mechanisms.