Friend.tech Users Warn of Sim-Swap Attacks; Crypto Investment Firm Cites $20M Risk
Summary:
Users of Friend.tech platform are cautioning against potential SIM-swap attacks following various alleged hacks that led to approximately $178,000 (nearly 109 ETH) loss from four accounts in less than a week. Cryptocurrency investment firm Manifold Trading warned that around $20 million could be at risk from such attacks, given Friend.tech's security framework. Manifold suggested improvements such as enabling two-factor authentication for logins and transactions, allowing email-based logins, and permitting the use of third-party wallets.
Users of the digital platform Friend.tech are issuing alerts about potential SIM-swap attacks following a series of alleged hacks. In less than a week, approximately $178,000, equivalent to almost 109 Ether (ETH), was lost from four user accounts. On September 30, a user with the Twitter handle “froggie.eth” claimed they fell victim to SIM swapping where fraudsters took over their mobile number to seize two-factor authentication messages in order to gain access to their account. As a result, they lost more than 20 ETH.
In a similar event, multiple Friend.tech users began reporting comparable experiences on October 3. Daren Broxmeyer, a musician, stated that after being bombarded with phone calls, which were probably intended to make him overlook a warning from his service provider about unauthorized access attempts, he was SIM-swapped and left 22 ETH short. He posted on Twitter detailing that not only were his own 34 keys sold, but the remaining ETH in his wallet was also drained.
On the same date, another user by the handle “dipper” admitted to having their account breached too. They expressed uncertainty about how the hackers could have broken into their account as they used robust passwords. The onslaught continued with the fourth user “digging4doge” losing approximately 60 ETH after being lured into sharing a login code in a phishing scam.
Cryptocurrency investment company Manifold Trading shed light on how any infiltrator who gains access to a Friend.tech profile can consequently “rug” the account entirely. They estimate that with one-third of Friend.tech’s user accounts attached to phone numbers, a sum of around $20 million stands vulnerable to such user-targeted hacking through the platform. They further warned that the entire Friend.tech platform is technically at risk due to its security framework and resolving these vulnerabilities should be given utmost priority.
Manifold recommended that Friend.tech should enable users to apply two-factor authentication to logins, key decryption, and transactions. They also proposed enabling users to switch their login method from mobile numbers to email addresses and permitting the use of third-party wallets. Previously, notable figures in the crypto realm have fallen victim to SIM-swapping with their accounts leveraged to execute phishing attempts.
At the time of reporting, Friend.tech has not responded to requests for comments on these incidents.
Published At
10/4/2023 6:31:32 AM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.