Friend.tech reports multiple users hacked, cybersecurity firm SlowMist warns: Beware of SIM card swap attacks.
In recent days, the social platform friend.tech has experienced a series of user hacking incidents. Cybersecurity firm SlowMist has once again urged users to "register with a phone number" and warned that "lack of 2FA verification" makes accounts vulnerable to hacking. However, it is also not ruled out that this could be a staged performance by a Key Opinion Leader (KOL) unable to empower themselves.
Table of Contents
SlowMist: friend.tech Targeted by Hackers
Founder of cybersecurity firm SlowMist, Yu Xian, tweeted a warning about users on the social platform friend.tech experiencing hacking incidents.
He stated:
Your ft account is either registered with a phone number, Gmail email, or Apple account, without even 2FA authentication. Malicious actors are naturally targeting these vulnerable attack vectors.
这几天陆续有用户出现 ft(https://t.co/xvDZPEKscJ) 账号被黑资产被盗情况,之前说过 ft 是中心化的,而且有信息泄露风险(这个风险一直存在)。你的 ft 账号要么是手机号注册,要么是 Gmail 邮箱或 Apple 账号,连个 2FA 都没,作恶者们当然紧盯着这些玩烂的攻击方式。 https://t.co/Pxzfefw0ZA
— Cos(余弦)😶🌫️ (@evilcos) October 3, 2023
SIM Card Swap Attack
Yu Xian retweeted a user @darengb who was hacked for 22 ETH due to a SIM card swap attack.
@darengb claimed that all 34 of his own Keys were stolen, and the remaining ETH in his wallet was also depleted.
If a user's Twitter account can lead to their real name being found, their phone number can be discovered, and the hacker's attack process is very rapid:
In the morning, continuous spam emails were received, @darengb found it too noisy, so he set his phone to silent mode.
U.S. telecommunications company Verizon notified via text that someone was trying to access the ft account.
ft account has been hacked.
Note: "SIM card swap attack" typically involves hackers collecting personal information of a specific target, then deceiving telecommunications company staff to transfer the target user's phone number to a SIM card under their control, effectively taking over the "user's phone" to receive verification messages.
Prior to this, Vitalik confirmed that his Twitter was hacked due to a SIM card swap attack:
Vitalik: Twitter Hacked Due to "SIM Card Swap Attack," Enhancing Security Measures Across Various Apps
Hacked Despite Setting Complex Passwords for friend.tech Account
Another user, @d1pp3r_, was hacked for 6.5 ETH.
He claimed to have generated a 10-20 character long password using a password management tool, yet was still hacked, and he has not yet determined the reason for the breach.
However, he revealed to the community that the hacked wallet had exported private keys for integration with the multi-chain wallet Rabby.
Feigning Hacking Incidents as a Means for KOL to Exit?
Yu Xian also mentioned that since it is impossible to change the wallet address on friend.tech and its exclusive tie to Twitter, once hacked, it seems that the ft account is permanently disabled. Could this lead to staged incidents in the future?