The call for better security measures on social media platforms has escalated following the high-profile hack of Vitalik Buterin’s X (Twitter) account over the weekend. Crypto industry experts have waded in offering their opinions and advice.
On September 9, Ethereum co-founder Vitalik Buterin was locked out of his X (formerly Twitter) account following the latest high-profile hack.
Buterin Hack Prompts Response
As reported by BeInCrypto, the scammers posted a fraudulent phishing link and NFT giveaway. They netted almost $700,000 in NFTs from duped victims who clicked the dodgy link.
On September 10, Ethereum core developer Tim Beiko warned that phone numbers linked to X (Twitter) accounts can be used to reset passwords. He advised removing your phone number from your account.
“If your Twitter account pre-dates crypto, strongly recommend double-checking, and adding strong 2FA!”
He pinged platform owner Elon Musk to say that this tip,
“Seems like a no-brainer to have this default on, or to default turn it on when an account reaches, say, >10k followers.”
Password recovery via SMS appears to be a major problem for platform security. Besides the obvious privacy leak, this is a huge help for hackers, said engineer ‘Captain_Plantain:’
“They can scrape the password reset tool for accounts that have a phone associated and target them for sim swaps!”
Hackers use SIM swapping, also known as simjacking, as a technique to gain control of a victim’s phone number. With control of the number, scammers can use two-factor authentication to access bank accounts, social media accounts, and crypto exchange accounts.
Read more: 15 Most Common Crypto Scams To Look Out For
DeFi researcher “Ignas” told his 63,000 followers that he was “double thinking” his security setup:
“The crucial step is to remove SMS 2FA from X.”
Moreover, Binance CEO Changpeng Zhao echoed the call for stronger security over the weekend:
“Twitter’s account security is not designed as financial platforms. It needs quite a bit more features: 2FA, login ID should be different from handle or email, etc.”
He revealed that hackers caused a lock on his own account a few times while trying to brute-force it.
Crypto Scams Show No Signs of Slowing
Late last month, a new phishing attack targeted FTX users on their company-registered email addresses.
The attacks came a week after Kroll, the claims agent in the bankruptcy proceedings, was impacted by a SIM-swapping attack.
In July, Uniswap CEO and founder Hayden Adams had his Twitter account hacked. The scammers posted a fake token revoke link warning Uniswap users about an exploit.
Moreover, one of the largest crypto phishing attacks occurred last week. A whale lost $24 million in stETH and rETH tokens in the massive exploit where token approvals were enabled by the victim.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.
Leave a Reply