top of page

Vitalik Buterin's X Account Breach: $700K Crypto and NFT Heist

Ethereum co-founder Vitalik Buterin's X (formerly Twitter) account became the target of a malicious takeover resulting in the theft of approximately $700,000 worth of cryptocurrencies and NFTs. The incident occurred recently and involved the unauthorized use of Buterin's account to promote a fraudulent commemorative NFT mint.

Vitalik Buterin's X Account Breach: $700K Crypto and NFT Heist

The perpetrators of the attack utilized Buterin's account to publicize the creation of commemorative NFTs, claiming that these NFTs were available for a limited time. They urged users to mint these NFTs promptly, providing a link that purportedly led to the minting process. However, this link actually directed unsuspecting victims to a phishing website designed to siphon cryptocurrencies and NFTs from their wallets.

Estimates from crypto investigator ZachXBT and on-chain data suggest that the attackers successfully stole around $700,000 in cryptocurrencies and NFTs during this phishing attack. Notably, this sum included a valuable CryptoPunk NFT valued at 153 ETH, equivalent to $250,000, as well as several hundred ether tokens from multiple users. While some of the pilfered NFTs have been sold, a significant portion of the ill-gotten gains remains in the hacker's wallet.

The attack was carried out using a tool known as Pink Drainer software, which has gained notoriety for enabling NFT draining in similar phishing attacks. Pink Drainer software is part of a shadowy underworld where malicious actors create and sell software specifically designed for draining NFTs from unsuspecting victims. In many instances, individuals who purchase this software share a portion of their gains with the software's creator. In some cases, the creator may conduct phishing attacks using their own software.

Vitalik Buterin's account breach is the latest in a series of phishing attacks on the X platform (formerly Twitter). This latest incident is part of a growing trend in which cyber criminals pose as journalists associated with crypto media organizations to deceive their targets. Numerous prominent figures in the crypto space and corporate accounts have fallen victim to such attacks, including the NFT project Azuki and the Aptos Foundation.

They employ tactics such as encouraging victims to bookmark a document in their browsers, enabling the execution of malicious code. To safeguard against such attacks, it is advisable to store valuable NFTs and substantial cryptocurrency holdings in cold storage rather than hot wallets. Additionally, emerging tools like Delegate Cash empower NFT owners to delegate rights to their NFTs, granting access to gated NFT community areas without needing frequent wallet logins.

Elon Musk's X and the Risks of Crypto Scams

In another example of scams taking place on the X social media platform, a crypto scam recently emerged that highlights the vulnerabilities in the platform since Elon Musk's acquisition. The scam involved a fraudulent $25 million giveaway of a token purportedly linked to the Grayscale Bitcoin Trust (GBTC), a well-known cryptocurrency investment vehicle with assets of around $13 billion.

The scam posts on X claimed that $25 million worth of the new token, GBTC, would be distributed to individuals who visited a specified website. However, this offer was unequivocally a scam. The account responsible for these deceptive promises, @Grayscale_FND, had no affiliation with the actual Grayscale company, as confirmed by a Grayscale spokesperson.

Before Elon Musk acquired X and renamed it, a blue checkmark symbolized a verified account, indicating that some level of vetting had occurred. However, this verification system changed, and now a blue checkmark merely indicates that the account owner can afford an $8 monthly fee, leading to a proliferation of crypto scams on verified X accounts.

To distinguish between genuine and fraudulent accounts, users must be aware of the new gold checkmark designation, which is reserved for official organizations and companies. Unfortunately, many users could be deceived because @Grayscale_FND employed the real Grayscale's logo in its profile.

This incident serves as a cautionary tale about the risks of cryptocurrency scams on social media platforms like X. These scams prey on individuals seeking quick gains and often rely on impersonation tactics to appear legitimate. It's essential for users to exercise vigilance, verify the authenticity of offers, and refrain from engaging in activities that seem too good to be true.

bottom of page