Even Vitalik Buterin can get hacked. But when the “prince of crypto” loses control of his X account (ex-Twitter), the consequences can be very serious. Despite the numerous warnings from Internet users, the attack he suffered this weekend was indeed very lucrative. His loot is currently estimated at the equivalent of $691,000 by the crypto investigator ZachXBT.
Because this hack was clearly well thought out. It all started with a tweet from the official X account of Vitalik Buterin, this Canadian of Russian origin who revolutionized crypto by being at the origin of the Ethereum protocol. In this message sent on the evening of September 9, the crypto geek idealist explains that NTFs, free during the first day, will celebrate one of Ethereum’s latest updates.
Not his style
“Ask for your part of the story,” he concludes, sharing a link to Consensys.io, the specialist company supposedly home to NFTs. Many Internet users are quickly sounding the alert. This message is really not the style of the father of Ethereum. “Ignore this message, Vitalik has apparently been hacked, writes his father. He is working to restore his access “to his X account.”
Unfortunately it is already too late. Internet users have already clicked on the link, which actually refers to a phishing site. A page that was designed to suck up the contents of the wallets of visitors, to an undetermined number. The hackers thus amassed a tidy sum in crypto. But also NFTs, including one worth 153 ethers (around $250,000), immediately sold on marketplaces.
Sim-swapping?
It is currently unknown how Vitalik Buterin’s account was hacked. The latter did not return to this story, which recalls the spectacular hacking of celebrity Twitter accounts in July 2020. However, several observers have put forward the hypothesis of an attack by sim-swapping, this social engineering technique where the attacker takes control of a mobile phone number by claiming, for example, a problem with his SIM card with the mobile phone operator.
Regardless, the question of the security of X users was raised by Changpeng Zhao, the founder of the crypto exchange Binance. The security of X’s accounts “needs more features”, he remarked, before citing two-factor authentication, the establishment of a connection identifier different from the identifier and the email.