Zinger Key Points
- Buterin highlights phone-based authentication vulnerabilities, emphasizing the dangers of phone number resets.
- The incident resulted in a loss of roughly $700,000 in cryptocurrencies and NFTs through Pink Drainer.
Ethereum co-founder Vitalik Buterin has reclaimed his T-Mobile account, which was compromised due to a SIM swap attack.
This breach subsequently led to a phishing scam on X, formerly called Twitter.
The incident draws attention to the pressing concerns of digital security, a topic that will be thoroughly discussed at the upcoming Benzinga's Future of Digital Assets conference on Nov. 14.
Over the past weekend, Buterin's X account faced unauthorized access following the SIM swap incident.
The attackers then executed a phishing scam, deceitfully endorsing a counterfeit commemorative NFT mint.
This malicious strategy ensnared users, redirecting them to a deceptive website that was set up to extract funds from any wallet that interacted with it.
The software tool, Pink Drainer, was utilized to facilitate this scam, resulting in a significant loss of around $700,000 in cryptocurrencies and NFTs.
On his re-established X account, Buterin shared his insights, shedding light on the vulnerabilities of phone-based authentication.
"A phone number is sufficient to password reset a Twitter account even if not used as 2FA. Can completely remove phone from Twitter," Buterin shared on Warpcast — a platform for the decentralized social system Farcaster, where one can handle account restoration using an Ethereum address.
He further added that although he had come across advice highlighting the insecurity of phone numbers for authentication purposes, he was unaware of its magnitude until now.
Buterin also speculated that the addition of his phone number might have been a prerequisite for registering for Twitter Blue.
Expressing relief, Buterin later mentioned his transition to Farcaster, stating, "glad to be on farcaster, where my account recovery can be controlled by a good wholesome ethereum address :)."
This incident underscores the need for robust digital security measures, especially in the realm of cryptocurrencies and digital assets. The upcoming Benzinga's Future of Digital Assets conference will serve as a platform for experts to discuss and deliberate on such pertinent issues, aiming to enhance the security and credibility of the digital space.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.