Although these attacks are on the rise, many believe that some of them may simply be the account owner’s fault.
Vitalik Buterin, Ethereum’s co-founder, is the latest high-profile individual to have bad actors gain control of his X (formerly Twitter) account. The yet-to-be-identified hackers used the account to publish a post claiming to celebrate the arrival of “Proto-Danksharding coming to Ethereum.“ They also posted a malicious link that falsely promoted free non-fungible tokens (NFTs).
Although Vitalik’s father later quickly put out a disclaimer post on September 9, it was a little too late as some victims had already connected their wallets to access the fake free NFTs.
As it turned out, the link from the now-deleted post went straight to a phishing website. There, the hacker was able to drain cryptocurrencies and NFTs from the wallets of unsuspecting victims who interacted with the post.
Nearly $700K Lost from Phishing Attack, Investigation Reveals
According to popular blockchain investigator ZachXBT and on-chain data, victims may have lost around $700,000 in crypto and NFTs to the phishing attack.
One of the notable losses is that of Ethereum developer Bok Khoo, also known as Bokky Poobah on X. Although he did not disclose the exact amount he lost, Bokky claims that he suffered a few losses in his CryptoPunk NFT collection, the average floor price of which is 46.99 Ether ETH. That is approximately $76,837 per one.
WARNING! I JUST LOST A FEW PUNKS!
DON'T INTERACT! pic.twitter.com/lS4VvlHdVa
— superstarz.eth@onlyfanz.eth lovenotwar.eth (@BokkyPooBah) September 9, 2023
The most valuable NFT stolen in the phishing attack was identified as CryptoPunk #3983. It is worth 153.62 ETH (approximately $250,543).
The hacker also pilfered hundreds of Ether from several individuals and has already sold most of the NFTs. As of publication, most of the proceeds from the attack remain in the hacker’s wallet.
Vitalik Buterin Blamed for Negligence
Without a doubt, high-profile account compromise such as this has somehow become a common occurrence. Recently, Coinspeaker reported about OpenAI’s CTO’s X account being used to promote a fake airdrop. Although these attacks are on the rise, many believe that some of them may simply be the account owner’s fault.
A user identified as Satoshi 767 on X shares the same sentiment. The individual suggested that Buterin might not have implemented reasonable security measures for his X account. Thus making room for an easy hack. He wrote:
“The only way this isn’t negligence on Vitalik’s part is if someone at X internally compromised the account, or if he was coerced in person by a criminal who threatened violence. I highly doubt that’s what happened. Most likely, this was a SIM swap.”
The user then urged the ETH co-founder to take responsibility for the part his negligence played in aiding the attack. But more importantly, he also asked Vitalik to compensate the affected users.
next