Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Finally got back my T-mobile account (yes, it was a sim swap, meaning that someone socially-engineered T-mobile itself to take over my phone number).
27 replies
93 recasts
437 reactions

Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
Main learning re twitter was: > A phone number is sufficient to password reset a Twitter account even if not used as 2FA. Can completely remove phone from Twitter. I had seen the "phone numbers are insecure, don't authenticate with them" advice before, but did not realize this
7 replies
12 recasts
76 reactions

Garrett 🎩↑ᖽ pfp
Garrett 🎩↑ᖽ
@garrett
Why aren’t you using an authenticator app or security key?
1 reply
0 recast
2 reactions

phil pfp
phil
@phil
Sorry that happened to you. Glad that the damage was mitigated quickly.
0 reply
0 recast
3 reactions

Brian Kim pfp
Brian Kim
@brianjckim
have you seen efani.com? i’ve had a good experience
0 reply
0 recast
0 reaction

Gabriel Ayuso ⌁ pfp
Gabriel Ayuso ⌁
@gabrielayuso.eth
I might be biased but Google Fi is most likely the most secure carrier to hold your mobile number since it's backed by Google account security.
2 replies
0 recast
5 reactions

typeof.eth 🔵 pfp
typeof.eth 🔵
@typeof.eth
I don’t love Google Fi (mainly cause coverage isn’t as good), but two things that keep me here are free roaming and 2fa. Makes sim swapping much more difficult.
1 reply
1 recast
4 reactions

Syed Shah🏴‍☠️🌊 pfp
Syed Shah🏴‍☠️🌊
@syed
The best part of the hack was it took a lot of power away from you in terms of how much people listen to what you say without thinking. There will be a layer of critical thinking that's been strengthened. So a + for the community.
1 reply
0 recast
5 reactions

OG dad pfp
OG dad
@boscolo.eth
I'm sorry to hear about your experience, @vitalik.eth! I was sim swapped in 2019, so I understand the frustration. The experience motivated me to launch @3num. Our goal is to upgrade traditional SMS and voice protocols to more secure, crypto-native alternatives. 📱🔒
0 reply
2 recasts
3 reactions

adrienne pfp
adrienne
@adrienne
Do you guys think mobile companies keep a list of high profile, likely targets for sim swaps? I would hope so but this makes me think they most certainly don’t, at least not T mobile 😒
2 replies
0 recast
3 reactions

Dan Finlay 🦊 pfp
Dan Finlay 🦊
@danfinlay
Had you given T Mobile any special recovery instructions? I understand they will accept them (like a special password to provide to reset). Am curious if the social engineering bypassed any special notes.
0 reply
0 recast
3 reactions

nixo pfp
nixo
@nixo
have seen a lot of this sim swaps but no post mortems on best practices to quickly recover your accounts - would really love to see something like this. i have no idea who you'd even reach out to in this situation
1 reply
0 recast
2 reactions

Trish🫧✈️🎩 pfp
Trish🫧✈️🎩
@trish
I had my sim “protected” by T-Mobile. The lost my pin but it was so too easy for me to get access to my account, I left. I’m so sorry that happened to you.
1 reply
0 recast
1 reaction

Zuphioh 🎩🔵 pfp
Zuphioh 🎩🔵
@zebra
Sim Swaps becoming a very frequent issue in this space, crazy how many people are getting impacted by it lately
1 reply
0 recast
1 reaction

Thomas pfp
Thomas
@aviationdoctor.eth
Looks like everyone dropped the ball here. X shouldn’t enable phone recovery by default, it’s an obsolete practice. T-Mobile should use PINs to thwart social engineers (we’ve known about SIM swaps for years) + special procedures for public figures who are obvious targets (flag set=call escalation, added verif).
1 reply
0 recast
1 reaction

8INK5 ⚡❤️ pfp
8INK5 ⚡❤️
@at
YubiKeys are what you need 👍 Yes they can be used on X
0 reply
0 recast
1 reaction

S·G 🎩  pfp
S·G 🎩
@esdotge.eth
It is frustrating these types of hacks where people unfairly lose their digital assets. Until this is fixed we will not be offering a valid technology for the next internet. People want security, protection and guarantees of their property...
1 reply
0 recast
1 reaction

Petr 🟢 dTelecom pfp
Petr 🟢 dTelecom
@richmal.eth
@vitalik.eth Unfortunately, this is often the problem of all analog operators, where it assigns a static number and is tied to personal data and operators do not fight this problem. I use Web3 Phone Service dcalls.org
0 reply
0 recast
1 reaction

Zoey 🎩 pfp
Zoey 🎩
@vezoey33
So sorry you had to experience that Vitalik!
0 reply
0 recast
0 reaction

Vinay Vasanji pfp
Vinay Vasanji
@vinayvasanji.eth
Given your profile, it's probably wise to switch from T-Mobile to a carrier like Efani https://www.efani.com/
0 reply
0 recast
0 reaction