On Saturday night, Vitalik Buterin had his X account hacked and the people behind the operation shared a phishing link. This operation is said to have caused more than $700,000 in losses to various victims.
Hackers take control of Vitalik Buterin’s X account
This night, Vitalik Buterin, the founder of Ethereum (ETH), had his X account hacked. The people behind the attack then shared a link for a supposed commemorative non-fungible token (NFT), to celebrate Ethereum’s upcoming big update:
Screenshot of fraudulent tweet shared by hackers of Vitalik Buterin’s X account
Where this scam may have worked is that Consensys, which develops numerous solutions on Ethereum, including MetaMask and Infura, has issued NFTs in the past to celebrate The Merge and Shapella. So it’s likely to do so again when the Dencun update, which introduces Proto-Danksharding, is rolled out.
However, it should be noted that such operations are carried out once the update has been successfully rolled out. What’s more, Vitalik Buterin is not in the habit of sharing NFT mints, which could raise a red flag in a case like this.
Here, Consensys’ X account was tagged. In such cases, it may also be a good idea to check the real X accounts of the players identified to see whether they in turn communicated about the operation.
Over $700,000 stolen
Shortly after the fraudulent tweet was published, alert messages began appearing to warn of the phishing attempt. For his part, @BokkyPooBah reported the theft of 2 NFTs from the CryptoPunks collection:
WARNING! I JUST LOST A FEW PUNKS!
DON’T INTERACT! pic.twitter.com/lS4VvlHdVa
– internetceo.eth feetpics.eth@onlyfanz.eth ohgod.et (@BokkyPooBah) September 9, 2023
On his Telegram channel, on-chain investigator ZachXBT warned his community 2 minutes after the tweet was published. He went on to say that his current estimate of the stolen funds and NFTs was more than $700,000.
At the time of writing, Vitalik Buterin appears to have regained control of his X account, as the tweet has been deleted.
While one user called for Ethereum’s founder to “take responsibility” for a lack of security, ZachXBT said Vitalik Buterin was a big enough target, for someone to “pay an insider” for such operations:
you do not know yet whether it was a SIM swap. Vitalik is a big enough target to where an insider could have been paid off or panel was used.
– ZachXBT (@zachxbt) September 10, 2023
At present, the person concerned has not yet made any statement regarding the attack. In any case, this case is a reminder of the need to be wary of the various links that can be shared on social networks
