A recent wave of SIM-swap attacks has targeted users of friend.tech, resulting in the theft of approximately $385,000 worth of Ether (ETH) in less than 24 hours. The attacks, which involved the hacker swapping the victims’ SIM cards to gain access to their phone numbers, allowed the attacker to acquire authentication and access the victims’ social media and crypto accounts.
ZachXBT, a blockchain sleuth, reported that the same scammer had stolen 234 ETH from four different friend.tech users within the past day. The movement of the stolen cryptocurrency was all traced back to the same hacker, who successfully drained the accounts of the victims.
One victim took to Twitter following the attack, stating that they had been sim swapped and that the attacker was able to carry out the swap from an Apple store, switching it to an iPhone SE. They warned others not to buy their compromised keys. Another user, KingMgugga, reported in real time that they were being targeted by an attack and asked for help. Another user, holycryptoroni, confirmed that they had also been attacked, expressing regrets for falling victim to the scam.
This recent chain of SIM-swap attacks is not an isolated incident. Earlier in the week, four other friend.tech users reported having their accounts drained as a result of SIM-swapping or phishing attacks, resulting in the theft of approximately 109 ETH. The victims expressed their frustration and shared their experiences on social media, raising concerns about the security of friend.tech.
Related Post
Friend.tech is a platform that allows users to purchase “keys,” which grant access to private chat rooms with individuals. The SIM-swap scam occurs when scammers gain access to a victim’s phone number and use it to acquire authentication, granting them access to the victim’s social media and crypto accounts. Manifold Trading, a firm that builds tools for the ecosystem, estimated that around $20 million of friend.tech’s $50 million total value locked could be at risk. They called for the platform to enhance its account security measures, including the implementation of two-factor authentication (2FA).
The high-profile hack of Vitalik Buterin’s account in September, also due to a SIM-swap attack, has brought attention to the need for enhanced security measures. There have been calls for friend.tech and other platforms to implement 2FA to prevent the leaking of mobile phone numbers. Wallet security firm Delegate CEO “0xfoobar” advised removing phone numbers from social media accounts to minimize the risk of SIM-swap attacks.
The prevalence of SIM-swap attacks highlights the importance of robust security measures in the cryptocurrency industry. Users must remain vigilant and take necessary precautions, such as enabling 2FA, avoiding the sharing of personal information, and regularly monitoring their accounts for any suspicious activity. Additionally, platforms must work together to enhance security protocols and protect their users from such attacks.
