Over the weekend, Ethereum co-founder Vitalik Buterin seemingly fell victim to a hack on X (formerly Twitter). While in control of the account, attackers posted a message to Buterin’s feed, announcing a free commemorative non-fungible token (NFT) to celebrate the launch of Proto-Danksharding on the Ethereum blockchain.
The link appeared to connect to Consensys (which was supposedly releasing the NFT). Unfortunately for those who followed it and connected their wallets to make a claim, the site was actually a fake, set up to drain connected wallets.
Throughout the duration of the scam, $691,000 worth of tokens (73% of which were reportedly NFTs) were taken from victims’ wallets. To add insult to injury, the attacker then sent Buterin a stolen NFT likeness of himself from the Vitalik Elementals collection.
Back in June, a similar scam hit influencer Ben Armstrong (better known as Bitboy Crypto). Again, the attackers targeted Armstrong’s Twitter account, allegedly via a SIM-swapping attack.
💡
A SIM-swapping attack involves taking over a person’s mobile number by convincing the carrier to activate an alternate SIM card. All calls and messages sent to the original number will then be intercepted by the scammer, allowing them to potentially break two-factor authorization (2FA).
Followers were encouraged to claim a fictitious meme token to express negative sentiment towards the U.S. Securities and Exchange Commission (SEC). In trying to claim the $FCKSEC tokens, the victims unwittingly gave full access to their crypto wallets. A reported $760,000 worth of tokens was drained during the attack.
So what is it about crypto (and the X social media platform, it seems) that makes it such a prime target for hacks and scams? Of course, it is far from the only target, but we don’t often hear about the likes of Jamie Dimon getting hacked and his followers being stung for thousands (or millions) of dollars.
Perhaps, in part, this is down to the fact that Jamie Dimon is highly unlikely to tweet (or X) that your Average Joe can claim a bunch of free stuff. And, of course, that Jamie Dimon’s followers are unlikely to crawl over each other to get that free stuff if he did.
💡
N.B. Apparently JP Morgan Chase Chairman and CEO, Jamie Dimon, also doesn’t use X, but that’s rather beside the point.
But in the crypto world we have been conditioned to accept that free money and stuff (in the way of airdrops) is something that comes with the territory. Many start-ups in the space will use the tactic as a way to build brand recognition.
It doesn’t seem particularly outlandish to believe that our favorite crypto influencers would be informing us about such things. And the volatile nature of crypto means that there is a benefit to arriving at the party early.
Also, let’s be honest, many in the crypto sphere now are no longer in it to change society, but to change their own position within it, preferably by becoming incredibly wealthy with minimal effort in a very short space of time.
Maybe this is something that will change as the industry continues to mature. But until (and if) it ever does, we can only be responsible for ourselves.
So before you go rushing to connect your main wallet to a random website that has promised you the world on a stick, maybe it’s worth setting up a new dummy wallet to do that. At least until you can be sure that what you are linking to is genuine.
In fact, why not set one up now. The two minutes it will take you could end up saving you a lot of money and heartache in the future.
Members Discussion