🚨Vitalik Buterin, co-founder of Ethereum, revealed the hack of his X (formerly Twitter) account was the result of a SIM-swap attack.

- Buterin shared on the decentralized social network Farcaster that the attacker did it via sim swap, showing that they were successful in defrauding T-Mobile to take control of his phone number.

- The important lesson from Buterin's experience is that Twitter's account recovery system is vulnerable.

- Buterin emphasized that even if the phone number is not used as a two-factor authentication (2FA) method, it can still be used to reset the password of a Twitter account.

- This event also highlights the security risks associated with relying on phone numbers for authentication, despite previous advice warning against this.

Buterin also admitted that he had encountered advice that discouraged the use of phone numbers for authentication, but until now he did not understand the seriousness of this problem.

CryptoPotato reported on Buterin's X account being hacked, resulting in the victim losing over $800,000 due to a fake malicious link advertising free NFTs.

The first publicly announced punk NFT, possibly the first ever created, was also lost in the September 9 attack.

After receiving warnings from prominent blockchain experts, including PeckShield and ZachXBT, Dmitry Buterin, the father of Ethereum co-founder, also confirmed that his son's account had been compromised.