A hacker took control of Ethereum cofounder Vitalik Buterin’s X (formerly Twitter) account over the weekend and promptly stole hundreds of thousands of dollars worth of high-profile NFTs.
In a now-deleted post, Buterin’s account advertised what appeared to be a link to a free NFT celebrating “Proto-Danksharding,” in partnership with Consensys, the company behind the MetaMask crypto wallet. Instead, when users clicked on the link and connected their wallets, the hacker drained their assets. In total, the exploit netted about $690,000 for the attacker, according to crypto sleuth @ZachXBT.
Although Buterin’s father quickly posted on X that his son’s account had been hacked, the exploiter still managed to steal several expensive NFTs, including CryptoPunk #3983, which was last valued at 153.62 Ether, or nearly $244,000, as of Monday.
The attack was quickly highlighted as yet another example of how crypto enthusiasts are at risk of being hacked. Binance CEO Changpeng Zhao also seized on the moment to criticize X for what he called lax security standards. He noted that his X account has been locked several times when hackers attempted to crack his password.
“Twitter’s account security is not designed as financial platforms. It needs quite a bit more features: 2FA, login id should be different from handle or email, etc,” Zhao wrote on Sunday.
Vitalik’s Twitter account got hacked. Use common sense when reading content on social media, even from large KOLs.
Twitter’s account security is not designed as financial platforms. It needs quite a bit more features: 2FA, login id should be different from handle or email, etc.… pic.twitter.com/oYQch8r2H0
— CZ 🔶 Binance (@cz_binance) September 10, 2023
The attack on Buterin’s X account is the latest in a long list of social media hacks aimed at capturing crypto and NFTs. These types of hacks often target celebrities and public figures to get the biggest possible reach, enabling theft from even greater numbers of unsuspecting social media users.
In June, a hacker who took over the X accounts of people like Barack Obama, Elon Musk, Jeff Bezos, Kim Kardashian, Joe Biden, Kanye West, and Warren Buffet for a crypto scam was sentenced to five years in prison and three years of supervised release. According to blockchain data platform Chainalysis, crypto scammers had stolen $1 billion in 2023 as of June, which comes after stealing some $5.9 billion in 2022.