Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Finally got back my T-mobile account (yes, it was a sim swap, meaning that someone socially-engineered T-mobile itself to take over my phone number).
56 replies
154 recasts
586 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Main learning re twitter was: > A phone number is sufficient to password reset a Twitter account even if not used as 2FA. Can completely remove phone from Twitter. I had seen the "phone numbers are insecure, don't authenticate with them" advice before, but did not realize this
12 replies
18 recasts
113 reactions

Dan Cortes pfp
Dan Cortes
@typeof.eth
I don’t love Google Fi (mainly cause coverage isn’t as good), but two things that keep me here are free roaming and 2fa. Makes sim swapping much more difficult.
1 reply
0 recast
11 reactions

GabrielAyuso.eth ⌐◨-◨ pfp
GabrielAyuso.eth ⌐◨-◨
@gabrielayuso.eth
I might be biased but Google Fi is most likely the most secure carrier to hold your mobile number since it's backed by Google account security.
2 replies
0 recast
10 reactions

Syed Shah 🏴‍☠️🌊 pfp
Syed Shah 🏴‍☠️🌊
@syed
The best part of the hack was it took a lot of power away from you in terms of how much people listen to what you say without thinking. There will be a layer of critical thinking that's been strengthened. So a + for the community.
1 reply
0 recast
9 reactions

phil pfp
phil
@phil
Sorry that happened to you. Glad that the damage was mitigated quickly.
0 reply
1 recast
7 reactions

Trish🫧 pfp
Trish🫧
@trish
I had my sim “protected” by T-Mobile. The lost my pin but it was so too easy for me to get access to my account, I left. I’m so sorry that happened to you.
1 reply
0 recast
6 reactions

chrisb (boscolo.eth) pfp
chrisb (boscolo.eth)
@boscolo.eth
I'm sorry to hear about your experience, @vitalik.eth! I was sim swapped in 2019, so I understand the frustration. The experience motivated me to launch @3num. Our goal is to upgrade traditional SMS and voice protocols to more secure, crypto-native alternatives. 📱🔒
0 reply
1 recast
5 reactions

Garrett pfp
Garrett
@garrett
Why aren’t you using an authenticator app or security key?
1 reply
0 recast
4 reactions

Chopper pfp
Chopper
@chopper
Highly suggest switching providers. T-mobile is run by boomers who have no understanding of the technology & related exploits. I believe the CEO even blocked customers for bringing this to their attention.
1 reply
0 recast
4 reactions

Dan Finlay pfp
Dan Finlay
@danfinlay
Had you given T Mobile any special recovery instructions? I understand they will accept them (like a special password to provide to reset). Am curious if the social engineering bypassed any special notes.
0 reply
0 recast
4 reactions

Zuphioh pfp
Zuphioh
@zebra
Sim Swaps becoming a very frequent issue in this space, crazy how many people are getting impacted by it lately
1 reply
0 recast
3 reactions

S·G pfp
S·G
@esdotge
It is frustrating these types of hacks where people unfairly lose their digital assets. Until this is fixed we will not be offering a valid technology for the next internet. People want security, protection and guarantees of their property...
0 reply
1 recast
2 reactions

Petr Malyukov pfp
Petr Malyukov
@richmal.eth
@vitalik.eth Unfortunately, this is often the problem of all analog operators, where it assigns a static number and is tied to personal data and operators do not fight this problem. I use Web3 Phone Service dcalls.org
0 reply
1 recast
2 reactions

Andrew Miller pfp
Andrew Miller
@socrates1024
welcome back :) terrifying tho
0 reply
0 recast
2 reactions

pub-gmn.eth 🦇🔊👻🛡️ pfp
pub-gmn.eth 🦇🔊👻🛡️
@pub-gmn.eth
Welcome back legend! https://giphy.com/gifs/-reaction-welcome-back-YQpAgiAtZzpOtEHyvs
0 reply
0 recast
2 reactions

Thomas D. Pellegrin (🥝,🔪) pfp
Thomas D. Pellegrin (🥝,🔪)
@aviationdoctor.eth
Looks like everyone dropped the ball here. X shouldn’t enable phone recovery by default, it’s an obsolete practice. T-Mobile should use PINs to thwart social engineers (we’ve known about SIM swaps for years) + special procedures for public figures who are obvious targets (flag set=call escalation, added verif).
1 reply
0 recast
2 reactions

-X-.eth pfp
-X-.eth
@at
YubiKeys are what you need 👍 Yes they can be used on X
0 reply
0 recast
2 reactions

Adrienne pfp
Adrienne
@adrienne
Do you guys think mobile companies keep a list of high profile, likely targets for sim swaps? I would hope so but this makes me think they most certainly don’t, at least not T mobile 😒
2 replies
0 recast
2 reactions

nixo pfp
nixo
@nixo.eth
have seen a lot of this sim swaps but no post mortems on best practices to quickly recover your accounts - would really love to see something like this. i have no idea who you'd even reach out to in this situation
1 reply
0 recast
2 reactions