A Scammer Steals $385,000 Worth of ETH from Friend.tech Customers
On October 5, 2023, a blockchain investigator named ZachXBT revealed that a single scammer had stolen approximately $385,000 worth of Ethereum (ETH) from four customers of Friend.tech in just one day. The thief used a SIM-swap attack to gain unauthorized access to the victims’ accounts. It was later discovered that the same hacker was responsible for stealing assets from other victims as well.
Real-Time Reports of SIM-Swap Attacks
During the incident, one victim known as “KingMgugga” reported the ongoing scam on Twitter, stating that they were witnessing a SIM-swap attack in progress. Another user, “holycryptoroni,” shared a similar experience. In the following week, four more customers reported losing a total of 109 ETH due to SIM-swap or phishing attempts.
Inadequate Security Measures on Friend.tech
Concerns have been raised about the security measures on Friend.tech, a platform where users can purchase access “keys” for private chat rooms. Manifold Trading, an ecosystem tools company, estimated that $20 million out of Friend.tech’s $50 million locked value could be at risk. They strongly recommended implementing two-factor authentication (2FA) to enhance account security.
Calls for Twitter to Implement 2FA
This incident has reignited demands for Twitter to adopt two-factor authentication (2FA). The call for stronger security measures follows the high-profile SIM-swap hack targeting Ethereum co-founder Vitalik Buterin’s account in September. Founder and CEO of Delegate, “0xfoobar,” advises users to remove their phone numbers from social media profiles to minimize potential risks.
Vulnerability of 2FA Systems to SIM-Swap Attacks
The Friend.tech incident highlights concerns surrounding the vulnerability of two-factor authentication (2FA) systems to SIM-swap attacks. A report by Blockchain.News in April 2023 raised security questions about Google’s Authenticator app, which now stores one-time codes in cloud storage, potentially making users more susceptible to SIM-swap attacks. If a hacker obtains the user’s Google password, they could compromise all applications linked to the authenticator.
Hot Take: Strengthening Security Measures is Imperative
The theft of $385,000 worth of ETH from Friend.tech customers underscores the urgent need for stronger security measures in the crypto industry. The incident highlights the risks associated with SIM-swap attacks and emphasizes the importance of implementing two-factor authentication (2FA) on both platforms and social media accounts. As hackers continue to exploit vulnerabilities, it is crucial for individuals and companies to prioritize cybersecurity to protect their digital assets.
By
By
By
By
By