In a recent security breach, Ethereum co-founder Vitalik Buterin’s X account, formerly known as Twitter, was compromised, leading to victims collectively losing more than $691,000. The incident unfolded when a malicious link falsely advertising a free NFT (non-fungible token) was shared via Buterin’s account.
Dmitry Buterin, Vitalik’s father, disclosed the hack on September 9th, stating, “Disregard this post, apparently Vitalik has been hacked. He is working on restoring access.” The post in question, celebrating the arrival of “Proto-Danksharding” on Ethereum, has since been deleted. The hacker used this post to lure victims into clicking on the malicious link, encouraging them to connect their wallets, ultimately resulting in the theft of their funds.
As a consequence of this breach, Ethereum developer Bok Khoo, also known as Bokky Poobah on X, reported losses in his CryptoPunk NFT collection. At the time of reporting, the floor price for a CryptoPunk NFT was 46.99 Ether (ETH), equivalent to approximately $76,837.
Blockchain investigator ZachXBT, with a following of 438,200, has been actively tracking the hacker’s activities. He revealed that the most valuable NFT stolen so far was CryptoPunk #3983, valued at 153.62 ETH, approximately $250,543.
Some X users, including one with the alias Satoshi 767, suggested that Buterin may not have implemented adequate security measures for his X account. Satoshi 767 stated, “I hate to be the one to say it, but Vitalik should take accountability for his poor op-sec and compensate those affected,” implying that Buterin’s oversight may have facilitated the attack.
However, ZachXBT countered these claims, asserting that Buterin’s high profile makes him a target for various hacking attempts. He argued, “You do not know yet whether it was a SIM swap. Vitalik is a big enough target to where an insider could have been paid off or a different method was used.”