Microblogging website Twitter came under a severe cyberattack yesterday, in which several high-profile accounts of the crypto space were hacked. Some of the biggest names among victims included billionaire Gemini Exchange boss Tyler Winklevoss, Tesla Chief Elon Musk, Litecoin’s Charlie Lee, Binance CEO Changpeng Zhao, TRON CEO Justin Sun, the official accounts of Binance, Coinbase, and Coindesk.
Criticizing the platform’s security, John McAfee, the pioneer of computer security, tweeted that 2-factor authentication used by Twitter is its worst security threat. He added that the 2-factor authentication makes users vulnerable to the trivial SIM Swap hack, which even Jack Dorsey, Twitter CEO, was a victim of.
Several questions have been raised following the attack, which was initially understood to be carried out for a Bitcoin giveaway scam. However, reports from media outlets and claims made by Balaji Srinivasan and Jeremy Arnold have put a big question mark on Twitter’s security policy itself. Tyler Winklevoss said that he had an active 2-factor authentication on his account, and yet, the hackers were able to break in.
Explaining the flaws in the 2-factor authentication, McAfee urged users to never share their phone numbers with platforms which use it for authentication. He also said that even a 12-year old can socially engineer a phone company to execute the SIM Swap hack and get hold of anyone’s phone number. However outrageous it may sound, taking John McAfee lightly in terms of advice on cybersecurity is not a wise thing at all.