TL; DR
-
The Twitter/X account of Vitalik Buterin (founder of Ethereum, aka “ETH daddy”) was hacked this weekend.
-
This is what we know: After taking control of Vitalik’s account, the scammers posted a link to a fake NFT collection, causing Vitalik’s followers to click the link, link their wallets, and then see their wallets completely drained.
-
The result? Within a few hours, more than $690,000 was stolen. Poof! Gone in an instant.
Full story
No one is safe there.
Not even Vitalik Buterin (founder of Ethereum aka “ETH daddy”), whose Twitter/X account was hacked this weekend.
This is what we know:
After taking control of Vitalik’s account, the scammers posted a link to a fake NFT collection, causing Vitalik’s followers to click the link, link their wallets, and then see their wallets completely drained.
The result?
Within a few hours, more than $690,000 was stolen. Poof! Gone in an instant.
What’s even worse is that the first publicly claimed Crypto Punk (essentially the very first NFT ever minted with a value of 150ETH or ~$234K) was also lost in the hack.
So how do those hacks work? Shouldn’t the blockchain be unhackable?
Well, it’s not the blockchain that was hacked, but Twitter/Vitalik.
The overall assessment of how it turned out?
-
Hackers switched Vitalik’s number (i.e. called his mobile provider and pretended to be him, claiming he had lost his phone and needed a new SIM).
-
A password reset has been forced on Vitalik’s Twitter/X account.
-
I verified the reset via text message and started posting.
Some did… and once they entered their password and linked their wallet, the hackers were able to empty it.
The moral of the story?
Don’t use your phone number for two-factor authentication.
