Friend.tech reinforces security against SIM-swap attacks; users now use an extra password for protection amid a wave of cyber threats
The decentralized social media platform Friend.tech has unveiled a new security enhancement to fortify its defenses against a wave of SIM-swap attacks plaguing its user base. Announced in a post on X (formerly Twitter), the development seeks to safeguard users from falling victim to these malicious exploits.
The pivotal modification requires Friend.tech users to enter an extra password during the login process from a new device, significantly enhancing the barriers against potential cyber adversaries and bolstering the platform’s overall security posture.
The impetus for this security overhaul stems from a series of SIM-swap attacks that have plagued Friend.tech users since September. “Froggie.eth” was one of the initial victims, falling prey to this nefarious tactic on September 30th. In the wake of the incident, a clarion call was sounded, urging others to remain vigilant.
Friend.tech Users Face Devastating SIM-Swap Attacks
In subsequent days, several users shared harrowing tales of similar attacks. An alarming tally revealed that within a mere week, four users suffered the loss of 109 Ether (ETH) tokens, amounting to a staggering $172,000. Just days later, another four users were targeted in a 24-hour blitz, resulting in a devastating haul of approximately $385,000 worth of Ether.
To curb the risk of SIM-swap exploits, Friend.tech had already implemented a security update on October 4th. This allowed users to add or remove various login methods, though some critics argue this measure should have been enacted sooner.
However, an influential figure in Friend.tech, known as “0xCaptainLevi,” remains confident about the development. He emphasizes the significance of two-factor authentication (2FA) and opines that it could propel the social media platform to unprecedented heights.
Blockworks founder, Jason Yanowitz, unveiled one of the modi operandi behind these SIM-swap attacks on October 8th. The sinister process involves a deceptive text message soliciting a number change request. Users are given a binary choice, replying with “Yes” to authorize the change or “No” to thwart it.
Should users opt for “No,” they receive a genuine verification code from Friend.tech and are subsequently coerced into transmitting it to the scammer’s number. A follow-up message warns that if no response is received within two hours, the change will proceed as initially requested.
In the ongoing battle between hackers and Friend.tech’s security infrastructure, users find themselves caught in the crossfire, and the system witnessing a 15% decline from its peak, according to DefiLlama. As of the reporting time, the total locked value within Friend.tech stands at $44.6 million.