The security of Friend.Tech users’ funds are in question due to a wave of reported compromised accounts and the subsequent loss of funds through SIM-swap attacks and hacks.
In an Oct. 3 post on X (formerly Twitter), a victim, Daren, revealed how he was SIM swapped and robbed of 22 ETH.
Daren mentioned that due to a series of spam calls, he enabled the silent mode on his phone. Unfortunately, this caused him to overlook a critical notification from Verizon regarding suspicious activity on his account. He added:
Another victim, Dipper, explained that their FT account was compromised despite their use of a strong password. However, that could not stop the attacker, who siphoned all the keys and funds in the wallet to another. Dipper claimed to have lost 6.5 ETH to the incident.
Friend.Tech’s platform security questioned.
Following the attacks, SlowMist founder Cos said Friend.Tech’s centralization risks information leakage because the platform requires users to register with a mobile phone number, a Gmail email address, or an Apple account. He added:
This view was also shared by crypto trading firm Manifold Trading, which stated that “any hacker [that] gains access to a FriendTech account via simswap/email hack, can rug the whole account.”
According to Dune Analytics data, Friend.Tech has enjoyed a viral growth that has seen the total value of assets locked on the platform balloon to over 30,000 ETH, around $50 million.
These security concerns pose a significant threat to Friend.Tech users’ funds. Manifold’s assessment indicates that a minimum of $20 million in the platform users’ assets may be vulnerable to sim-swap attacks.