In response to the surge in SIM-swap attack incidents aimed at its users, Friend.tech has introduced an additional security enhancement, allowing users the option to implement a 2FA security measure.
The creative minds behind the decentralized social media platform, Friend.tech, have responded to the increasing wave of SIM-swap attacks targeting their user base. They have recently unveiled a novel security feature in response to this threat.
In a post dated October 9th, which was shared on X (formerly known as Twitter), the Friend.tech team provided an important update. They explained that they are taking steps to enhance the security of Friend.tech accounts.
One of these measures is the option for users to incorporate a 2FA password. This additional security layer is designed to safeguard accounts in case a user’s mobile carrier or email service is compromised.
When Friend.tech users sign in from new devices, they will receive a prompt to include an additional password.
It’s worth noting that neither the Friend.tech team nor the Privy team possesses the capability to reset these passwords. Consequently, users are urged to exercise caution when employing this feature, as underscored by Friend.tech.
This recent modification comes in the wake of a series of SIM-swap attacks against Friend.tech users that began in September.
Friend.tech Community Grapples with SIM-Swap Attack Incidents: Responses and Reactions
On September 30th, an unfortunate incident occurred within the Friend.tech community. Froggie.eth, one of the community members, became one of the initial victims of a SIM-swap attack incident. This incident has prompted Froggie.eth to issue a cautionary message to fellow users, urging them to maintain heightened vigilance.
Subsequent to this incident, several more Friend.tech users came forward with comparable narratives. Over the span of a week, an estimated 109 Ether (ETH), equating to roughly $172,000, was pilfered from four users.
A mere few days later, four additional users found themselves targeted, resulting in the loss of an additional $385,000 worth of Ether.
In an effort to mitigate the risks associated with SIM-swap exploits, Friend.tech took action on October 4th. They revised their security measures to enhance user protection. This update provides users with the ability to add or remove various login methods as needed.
Despite this, some critics chastised Friend.tech for not implementing this solution earlier. One user exclaimed, “Finally!” while another chimed in with, “Took you long enough.”
However, despite the challenges, a prominent figure on Friend.tech, known as 0xCaptainLevi, maintained an optimistic perspective. They emphasized the significance of 2FA and its potential to propel the social media platform to unprecedented heights.
Jason Yanowitz Reveals Disturbing SIM-Swap Attack Method on Friend.tech
In a discussion thread on X dated October 8th, Jason Yanowitz, the founder of Blockworks, shed light on one of the methods employed in these SIM-swap attacks. The process involves sending a text message to the user, requesting approval for a number change. Users can respond with either “YES” to approve the change or “NO” to reject it.
If the user opts for “NO,” they will receive a legitimate verification code from Friend.tech and will be prompted to forward the code to the fraudster’s number.
A subsequent message underscores, “If we do not receive a response within 2 hours, the change will proceed as requested,” causing significant concerns.
“In reality, if I were to transmit the code, my account would be wiped clean,” Yanowitz lamented.
Currently, the total value secured on Friend.tech stands at $43.9 million, marking a 15.5% decrease from its peak of $52 million on October 2nd, according to DefiLlama.