{"id":593150,"date":"2023-10-04T09:31:32","date_gmt":"2023-10-04T06:31:32","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/friend-tech-users-blame-sim-swaps-after-more-than-100-eth-drained-in-a-week\/"},"modified":"2023-10-04T09:31:32","modified_gmt":"2023-10-04T06:31:32","slug":"friend-tech-users-blame-sim-swaps-after-more-than-100-eth-drained-in-a-week","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/friend-tech-users-blame-sim-swaps-after-more-than-100-eth-drained-in-a-week\/","title":{"rendered":"# Friend.tech users blame SIM swaps after more than 100 ETH drained in a week"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/cdn-cgi\/image\/format=auto,onerror=redirect,quality=90,width=840\/https:\/\/s3.cointelegraph.com\/uploads\/2023-10\/979d8242-77ff-4d8f-aff1-b87a95144b0d.jpg\" \/><\/p>\n<p itemprop=\"description\" class=\"post__lead\" data-v-ff33fc9a> In a short period of time, four friend.tech users reported their accounts were compromised and drained after hackers seized control of their mobile numbers. <\/p>\n<p><\/p>\n<div class=\"post-content\" data-v-ff33fc9a>Friend.tech users are warning of possible SIM-swap attacks after a recent spate of supposed hacks resulting in nearly 109 Ether (ETH) worth around $178,000 being drained from four users in under a week.<\/p>\n<p>On Sept. 30, the X (formerly <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a>) user known as \u201cfroggie.eth\u201d <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/brypto_\/status\/1708055944360255600\">warned<\/a> their Friend.tech account was SIM-sw<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ed \u2014 where exploiters gain control of a user\u2019s mobile number to intercept two-factor authentication codes, then used to access accounts \u2014 and subsequently drained of over 20 ETH.<\/p>\n<p>Days later, on Oct. 3, a string of Friend.tech users reported similar incidents, with musician Daren Broxmeyer saying he was SIM-swapped and drained of 22 ETH.<\/p>\n<p>His phone was earlier \u201cspammed with phone calls,\u201d which he believed was to force him to miss a text from his service provider warning him that someone was trying to access his account.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">I was just SIM swapped and robbed of 22 ETH via <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/friendtech?ref_src=twsrc%5Etfw\">@friendtech<\/a><\/p>\n<p>The 34 of my own keys that I owned were sold, rugging anyone who held my key, all the other keys I owned were sold, and the rest of the ETH in my wallet was drained.<\/p>\n<p>If your Twitter account is doxxed to your real\u2026 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/5wA86mjYEG\">pic.twitter.com\/5wA86mjYEG<\/a><\/p>\n<p>\u2014 daren (friend, friend) (@darengb) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/darengb\/status\/1709021872178729409?ref_src=twsrc%5Etfw\">October 3, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>The same day another user, \u201cdipper,\u201d also <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/d1pp3r__\/status\/1708951614227173589\">said<\/a> their account was compromised, adding they have \u201cno idea\u201d how exploiters could hack their account, as they use strong passwords.<\/p>\n<p>The fourth user, \u201cdigging4doge,\u201d was drained of around 60 ETH after falling for a phishing scam that tricked them into sharing a login code.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Friendtech user <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/digging4doge?ref_src=twsrc%5Etfw\">@digging4doge<\/a> just got drained to the tune of ~60 eth worth of keys.<\/p>\n<p>About an hour ago, he received a text informing him that a number change had been requested for his account.<\/p>\n<p>He had two hours to respond or the request would be auto approved. This was, of\u2026 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/L21Hr041kP\">pic.twitter.com\/L21Hr041kP<\/a><\/p>\n<p>\u2014 quit (,) (@0xQuit) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/0xQuit\/status\/1709391410783195384?ref_src=twsrc%5Etfw\">October 4, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Crypto investment firm Manifold Trading explained that any hacker gaining access to a Friend.tech account is then able to \u201crug the whole account.\u201d<\/p>\n<p>Assuming that a third of Friend.tech accounts are connected to phone numbers, around $20 million is at risk of being exploited through Friend.tech user-focused exploits, they said.<\/p>\n<p><strong><em>Related: <\/em><\/strong><strong><em>Friend.tech look-alike \u2018Alpha\u2019 emerges on Bitcoin network<\/em><\/strong><\/p>\n<p>Manifold also suggested that, technically, all of Friend.tech is at risk due to how the platform\u2019s security is set up, and solving the issues \u201cshould honestly be the number 1 priority.\u201d<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">If any hacker gains access to a FriendTech account via simswap\/email hack, they can rug the whole account<\/p>\n<p>If you assume 1\/3 of FriendTech accounts are connected to phone numbers, that&#8217;s $20M at risk from sim-swaps<\/p>\n<p>FriendTech&#8217;s current setup also technically allows a rogue dev\u2026 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/XgodMNSh2l\">https:\/\/t.co\/XgodMNSh2l<\/a><\/p>\n<p>\u2014 Manifold (@ManifoldTrading) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ManifoldTrading\/status\/1708975441539744050?ref_src=twsrc%5Etfw\">October 2, 2023<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Manifold suggested Friend.tech allow users to add 2FA to logins, key decryptions and transactions.<\/p>\n<p>Users should also be given the option to change the login method from a number to email and allow for third-party wallets to be used.<\/p>\n<p>High-profile crypto figures have previously been successfully SIM-swapped, with their accounts used to carry out phishing attacks, such as Ethereum co-founder Vitalik Buterin\u2019s X account in September.<\/p>\n<p>Cointelegraph contacted Friend.tech for comment but did not immediately receive a response.<\/p>\n<p><strong><em>Magazine: <\/em><\/strong><strong><em>Blockchain detectives \u2014 Mt. Gox collapse saw birth of Chainalysis<\/em><\/strong><\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/friendtech-sim-swap-attack-string-of-hacks\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In a short period of time, four friend.tech users reported their accounts were compromised and drained after hackers seized control of their mobile numbers. Friend.tech users are warning of possible SIM-swap attacks after a recent spate of supposed hacks resulting in nearly 109 Ether (ETH) worth around $178,000 being drained from four users in under&#8230;<\/p>\n","protected":false},"author":1,"featured_media":593151,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjMtMTAvOTc5ZDgyNDItNzdmZi00ZDhmLWFmZjEtYjg3YTk1MTQ0YjBkLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,74882,82607,117,75134,4976],"class_list":["post-593150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-hacks","tag-sim-card","tag-business","tag-phishing","tag-social-media"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/593150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=593150"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/593150\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/593151"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=593150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=593150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=593150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}