Friend.Tech Faces Another Security Breach: Hacker Absconds with 234 ETH in Less Than 24 Hours

Friend.Tech users have fallen victim to SIM card manipulation, resulting in the theft of 234 ETH (approximately $385,000) within a day. The same hacker is believed to be responsible for a previous incident where 109 ETH was stolen.

This attack is part of a series of SIM-swapping hacks targeting users of the popular platform Friend.Tech.

Scammer's Rapid Theft

Prominent blockchain investigator reported on October 5 that an individual had successfully stolen 234 ETH within 24 hours. The hacker accomplished this by manipulating the SIM cards of four unsuspecting Friend.Tech users. What's even more concerning is that the transfer of these ill-gotten cryptocurrency assets can be traced back to the same hacker.

One victim shared their experience, revealing that the scammer had managed to change the SIM card and switch it to an iPhone SE, effectively taking control of the victim's wallet.

Another user, reported in real-time that they were witnessing the attack unfold and asked for assistance. Meanwhile, another confirmed that they had also fallen victim to a similar attack, expressing their frustration.

Previous Attacks on Friend.Tech Users

This is not the first time that Friend.Tech users have faced such attacks. Earlier in the week, four users reported that their accounts had been drained due to SIM swaps or phishing attacks, resulting in approximately 109 ETH being stolen.

Friend.Tech's Response

Friend.Tech, a platform that allows users to buy individual keys for private chat rooms, has been dealing with a severe security issue. SIM swap scams occur when attackers gain control of a person's phone number and use it to access their social media and cryptocurrency accounts.

Manifold Trading has suggested that up to $20 million of Friend.Tech's total locked-up value of $50 million may be at risk. They have urged the platform to enhance its account security measures, particularly by adding two-factor authentication (2FA) for improved protection.

You can now add and remove log in methods for your https://t.co/YOHabcBL3H account. To access these settings, tap your wallet balance in the top right corner of the app pic.twitter.com/d37VWVk2Eb

— friend.tech (@friendtech) October 4, 2023

The recent breach has reignited calls for Friend.Tech to implement 2FA security measures to protect against the exposure of mobile phone numbers. In response to the security breaches, Friend.Tech has introduced a new feature that allows users to eliminate specific login options, specifically phone numbers.

The founder and CEO of wallet security company Delegate has also recommended removing phone numbers from social media accounts as a proactive measure against potential attacks.