Some users of Friend.Tech, a social media network built on Coinbase’s Base blockchain, have reported cases of SIM swap-related exploits resulting in the loss of their assets. The hacker reportedly exploited the 2-factor verification flaws of the social network to steal assets worth hundreds of dollars, according to those who have escalated the situation.
The exploit has raised concerns about the decentralized nature that the network claims to possess. The founder of SlowMist reiterated his stance on the centralized realism of Friend.Tech, stating that the configuration of the network attracted hackers.
“In the past few days, some users have had their ft (friend.tech) accounts hacked and their assets stolen. As I said before, ft is centralized, and there is a risk of information leakage (this risk has always existed). Your ft account is either registered with a mobile phone number, a Gmail email address, or an Apple account. There is not even a 2FA. Of course, perpetrators are keeping an eye on these bad attack methods,” the SlowMist founder tweeted.
Hackers Utilized SIM Swap
One user, Daren, narrated how hackers exploited his account using a SIM swap. According to the user, the hacker sold 34 of his keys and gained access to the wallets of all the users holding his keys. The hacker then stole 22 ETH from his Friend.Tech wallet.
During the hack, Daren stated that she received several calls from spam numbers, prompting him to put his phone on silent. He later discovered that he missed a message from Verizon informing him of an attempted exploit on his account and found his wallet empty.
Daren pointed out that if a Friend.Tech user opened their Twitter account with their real name, hackers could easily extract their phone numbers and hack their accounts. Thus, he insinuated that users should open their Friend.Tech accounts with a different phone number from those on social media.
Number Lock
Another user stated that Verizon had a number lock feature that could avert SIM swaps to a reasonable extent. According to the user, the new addition could provide an added layer of protection for number porting.
“In case anyone didn’t know, Verizon implemented a new feature, Num Lock, in effort to combat SIM swap. Not full proof but an added layer of protection,” the user tweeted.
