Security Guide for Securing X (Twitter) Account
Last updated
Recently, there have been frequent incidents where Web3 project owners or celebrities' X accounts have been hacked and used to send phishing tweets. Hackers often use various methods to steal user accounts, with some common tactics including:
Tricking users into clicking on fake Calendly/Kakao meeting links to steal account authorization or control their devices.
Sending direct messages to lure users into downloading Trojan-infected programs (disguised as games, meeting apps, etc.), which can steal private keys/mnemonics and X account permissions.
Using SIM Swap attacks to steal X account permissions that rely on phone numbers.
Given the frequent occurrences of such incidents, many users are unaware of how to enhance the security of their X accounts. The Veritas Protocol Security Team will explain how to conduct authorization checks and security settings for X accounts. Here are the specific steps:
We use the web version as an example. After opening the x.com page, click on the "More" sidebar and find the "Settings and privacy" option, which is mainly used for setting account security and privacy.
After entering the "Settings" section, select "Security and account access" to set the security and access permissions for the account.
Many phishing methods involve tricking users into clicking on application authorization links, which can result in granting tweet posting permissions to the X account, leading to the account being used for phishing.
Check method: Open the "Apps and sessions" section to see which applications the account has authorized. As shown below, the demonstration account has authorized three applications.
After selecting a specific application, you can see the corresponding permissions. Users can remove permissions through the "Revoke app permissions" option.
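The authorization check above is a manual review of each app's permission level. The script below is an added example, not part of the original guide or any X tooling: it takes the same information the "Apps and sessions" page shows (app name, permission level, authorization date), compares it with a list of the apps you actually intend to keep, and reports which authorizations to revoke. The app list, the allowlist and the three permission labels are constructed for the example.

```python
"""Review third-party apps authorized on an X account.

Added example, not from the original guide. The app list and the
allowlist are constructed; the three permission labels are an
assumption about how the Apps and sessions page phrases them.
"""
from datetime import date

# Permission tiers in increasing order of what a compromised app could do.
TIERS = {
    "Read": 1,
    "Read and write": 2,
    "Read and write and Direct Messages": 3,
}


def review_apps(apps, allowlist, today, max_age_days=180):
    """Return (app name, reason) findings for authorizations worth revoking.

    apps: list of dicts with keys name, permission, authorized (a date).
    allowlist: dict of app name -> highest permission you intend it to have.
    """
    findings = []
    for app in apps:
        name, perm = app["name"], app["permission"]
        tier = TIERS.get(perm)
        if tier is None:
            findings.append((name, f"unrecognised permission level '{perm}', review manually"))
            continue
        if name not in allowlist:
            # An unknown app with write access can post phishing tweets as you.
            level = "can post or message as you" if tier >= 2 else "read-only"
            findings.append((name, f"not on allowlist ({level}); revoke unless you recognise it"))
        elif tier > TIERS[allowlist[name]]:
            # Known app, but it holds more permission than you meant to grant.
            findings.append((name, f"has '{perm}' but only '{allowlist[name]}' is intended"))
        age = (today - app["authorized"]).days
        if age > max_age_days:
            findings.append((name, f"authorized {age} days ago; revoke if no longer used"))
    return findings


def review_sample():
    """Run the review over constructed sample data (not real apps)."""
    apps = [
        {"name": "Tweet Scheduler Pro", "permission": "Read and write",
         "authorized": date(2024, 1, 10)},
        {"name": "Analytics Viewer", "permission": "Read",
         "authorized": date(2023, 6, 15)},
        {"name": "Free NFT Mint Bot", "permission": "Read and write and Direct Messages",
         "authorized": date(2024, 5, 28)},
        {"name": "Meeting Helper", "permission": "Read and write",
         "authorized": date(2024, 5, 20)},
    ]
    allowlist = {
        "Tweet Scheduler Pro": "Read and write",
        "Analytics Viewer": "Read",
        "Meeting Helper": "Read",
    }
    return review_apps(apps, allowlist, today=date(2024, 6, 1))


if __name__ == "__main__":
    for name, reason in review_sample():
        print(f"{name}: {reason}")
```

The allowlist is the important input: keep it short, and record the lowest permission each app needs, so that an app that was silently re-authorized with write access shows up as a finding rather than blending in.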
Check method: Settings → Security and account access → Delegate
If the account has delegation enabled (other accounts have been invited to manage it), open "Members you've delegated" to see which accounts currently share control of it. If sharing is no longer needed, cancel the delegation immediately.
If users suspect that their account has been maliciously accessed, they can check the login logs to see abnormal login devices, dates, and locations.
Check method: Settings → Security and account access → Apps and sessions → Account access history
As shown below, entering Account access history allows you to view the device model, login date, IP, and region. If abnormal login information is found, the account may have been compromised.
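The access history review above relies on spotting a device, date, IP or region that does not fit your own usage. The script below is an added example, not part of the original guide or any X feature: it takes the four fields the guide says the history shows, compares each entry against a baseline of your known devices, regions and networks, and also flags a login whose region differs from another login a few hours earlier, which a stolen session often produces. All records, the baseline and the IP ranges are constructed for the example.

```python
"""Flag suspicious entries in an X account access history.

Added example, not from the original guide. The records mirror the
four fields the guide says Account access history shows (device
model, login date, IP, region); every value below is constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class AccessRecord:
    device: str
    when: datetime
    ip: str
    region: str


@dataclass(frozen=True)
class Baseline:
    devices: frozenset   # device models you actually log in from
    regions: frozenset   # regions you normally log in from
    networks: tuple      # CIDR strings of networks you normally use


def flag_access_history(records, baseline, window=timedelta(hours=6)):
    """Return (record, reasons) pairs for logins that deviate from the baseline."""
    findings = []
    ordered = sorted(records, key=lambda r: r.when)
    for i, rec in enumerate(ordered):
        reasons = []
        if rec.device not in baseline.devices:
            reasons.append("unknown device")
        if rec.region not in baseline.regions:
            reasons.append("unknown region")
        if not any(ip_address(rec.ip) in ip_network(n) for n in baseline.networks):
            reasons.append("ip outside known networks")
        # Two logins from different regions inside the window is unlikely to be
        # one person travelling, so flag the later one even if it otherwise fits.
        for prev in ordered[:i]:
            if rec.when - prev.when <= window and prev.region != rec.region:
                reasons.append(f"region change within window (earlier login from {prev.region})")
                break
        if reasons:
            findings.append((rec, reasons))
    return findings


def audit_sample():
    """Run the check over constructed sample history (TEST-NET addresses)."""
    baseline = Baseline(
        devices=frozenset({"iPhone 15", "MacBook Pro"}),
        regions=frozenset({"Singapore"}),
        networks=("203.0.113.0/24",),
    )
    records = [
        AccessRecord("iPhone 15", datetime(2024, 5, 1, 9, 0), "203.0.113.10", "Singapore"),
        AccessRecord("MacBook Pro", datetime(2024, 5, 1, 21, 0), "203.0.113.22", "Singapore"),
        AccessRecord("Windows 10", datetime(2024, 5, 2, 1, 30), "198.51.100.7", "Moldova"),
        AccessRecord("iPhone 15", datetime(2024, 5, 2, 2, 0), "203.0.113.10", "Singapore"),
    ]
    return flag_access_history(records, baseline)


if __name__ == "__main__":
    for rec, reasons in audit_sample():
        print(f"{rec.when:%Y-%m-%d %H:%M} {rec.device} {rec.ip} {rec.region}: {', '.join(reasons)}")
```

The fourth sample login is from a known device and region, and would pass a purely per-entry check; it is flagged only because of the region change shortly after the Moldova login, which is why the history should be read as a sequence rather than entry by entry.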
If you find a suspicious session after an X account has been compromised, you can view the devices currently logged in to the account and log out the suspicious device.
Check method: Select "Log out the device shown" to log the account out from a specific device.
Users can enable two-factor authentication (2FA), which reduces the risk of account takeover if the password is leaked.
Configuration method: Settings → Security and account access → Security → Two-factor authentication
The available 2FA methods are SMS verification codes, authentication apps, and security keys. Since SMS codes can be intercepted through the SIM Swap attacks mentioned above, an authentication app or a security key is the stronger choice.
In addition to setting account passwords and 2FA, users can enable additional password protection to further enhance X account security.
Configuration method: Settings → Security and account access → Security → Additional password protection
Regularly checking authorized applications and login activities is key to ensuring account security. The Veritas Protocol Security Team recommends that users regularly conduct authorization checks on their X accounts according to the steps outlined to strengthen account security and reduce the risk of hacker attacks. If you discover that your account has been compromised, immediately take action to change your account password, conduct authorization checks, revoke suspicious authorizations, and enhance security settings for your account.