Hackers Target Ethereum Co Founder Vitalik Buterin’s Social Media Account, Siphoning Nearly $700,000
On September 9, 2023, hackers launched a targeted attack on the Twitter account of Ethereum co-founder Vitalik Buterin, also known as “X” on the platform. In a deceptive move, the hackers managed to swindle almost $700,000 from unsuspecting followers by posting a fraudulent link associated with ConsenSys.
A Deceptive Post Lures Unsuspecting Followers
The cybercriminals posted a misleading link, accompanied by a message announcing the release of a commemorative NFT by ConsenSys to celebrate Ethereum’s Proto-Danksharding introduction. This message successfully enticed users to click on the link, promising a free NFT. However, the link turned out to be a trap.
What made this attack particularly effective was that the message appeared to originate from Vitalik Buterin’s verified Twitter account. This authenticity led many users to fall victim to the scheme. Tragically, those who clicked on the deceptive link had their valuable NFT assets stolen.
Typical Hacker Modus Operandi
The hackers employed a familiar modus operandi. The deceptive link allowed them to gain access to the wallets of unsuspecting followers, resulting in a significant loss of NFT assets.
Prominent Ethereum developer BookyPooBah was among the victims, losing two CryptoPunks (#3983 and #1751) in addition to other NFTs. The list of stolen NFTs also included well-known ones like Milady 4755, Meebit #9965, and Meridian #918.
The estimated value of the stolen assets, according to on-chain analyst ZachXBT, amounts to approximately $691,000. As of the time of reporting, it remains uncertain whether Vitalik Buterin has successfully regained control of his Twitter account, although the deceptive post has been removed.
Concerns Over Twitter’s Security
This incident underscores the growing concern about the surge in phishing scams on the Twitter platform, which has seen a worrying increase throughout the year. Prominent figures in the cryptocurrency space, including ZachXBT and Binance’s CEO Changpeng Zhao, have expressed their concerns about the rising number of cybercrimes. These malicious actors often employ verified bots and strategically target influential accounts to propagate their fraudulent links.
In a separate incident earlier in July, hackers breached the accounts of notable individuals, including Uniswap founder Hayden Adams and the blockchain network Aptos. Another cryptocurrency enthusiast lost a staggering $24 million to a similar phishing scheme.
Read More: Ethereum Faces Short Term Uncertainty Amid Altcoin Market Turmoil
Changpeng Zhao emphasized the need for greater security measures on Twitter, stating that “Twitter’s account security is not designed as financial platforms. It needs quite a bit more features: 2FA, login id should be different from handle or email, etc.” He shared his own experiences of having his Twitter account locked multiple times due to hackers attempting to brute-force it.
In conclusion, this incident serves as a stark reminder of the vulnerabilities within social media platforms and the importance of vigilance and enhanced security measures to protect against cyberattacks, especially within the cryptocurrency community.