Vitalik Buterin, the co-founder of Ethereum, has regained control of his T-Mobile account. Recently, He confirmed that the breach of his X (Twitter) account was caused by a SIM-swap attack.

Subsequently, speaking on the Farcaster decentralized social media platform on September 12, Buterin revealed that he has now regained control of his T-Mobile account. Notably, the attacker had ingeniously taken control of it through a SIM-swap maneuver.

“Yes, it was a SIM swap, meaning that someone socially-engineered T-mobile itself to take over my phone number.”

The Ethereum co-founder shared valuable insights from his experience with X.

Vitalik Buterin verifies the method used by hackers to access his X account. Source: Warpcast

“A mere phone number suffices to instigate a password reset for a Twitter account, even when not deployed as two-factor authentication,” he remarked, supplementing that users can “entirely disengage their phone from Twitter.”

“I had seen the ‘phone numbers are insecure, don’t authenticate with them’ advice before, but did not realize this.”

Recent X Account SIM-Swap Attack and Calls for Enhanced Security Measures

Surprisingly, on September 9, malefactors took control of Buterin’s X account, disseminating a counterfeit NFT giveaway, coercing users to interact with a malevolent hyperlink, resulting in collective losses exceeding $691,000 for the victims.

Furthermore, on September 10, Ethereum developer Tim Beiko ardently advocated for the elimination of phone numbers from X accounts, advocating for the activation of two-factor authentication (2FA) as a default measure.

Additionally, he proposed, “It seems only logical to have this as the default setting, or to automatically enable it when an account attains, say, >10k followers,” in correspondence with platform proprietor Elon Musk.

SIM-Swap Attacks Targeting T-Mobile: A History of Security Concerns and Lawsuits

A SIM-swap, also known as simjacking, is a tactic often used by malicious hackers. It involves taking control of a victim’s mobile phone number. Interestingly, with your mobile number, wrongdoers can exploit 2FA to access various accounts like social media, banking, and cryptocurrencies.

Moreover, this isn’t the first time T-Mobile has been connected to this method. Notably, in 2020, the telecom giant was sued for allegedly enabling the theft of $8.7 million in cryptocurrency. This was done through a series of SIM-swap attacks.

Previously, in February 2021, T-Mobile faced another lawsuit when a customer suffered a $450,000 loss in Bitcoin. Subsequently, this incident was a result of yet another SIM-swap attack.

Read More:

Terra Luna Classic Unanimously Approves v2.2.1 Core Upgrade

Thai Authorities Crack Down on $27M Crypto Scam: Five Arrested in Massive Fraud Case