Crypto-based social media platform FriendTech added the ability to switch from phone number to email. This change comes after several reports of SIM swap incidents in which FriendTech users saw funds from their accounts being taken.
Over the last week, at least six FriendTech have claimed to have experienced SIM swap attacks. In these incidents, attackers accessed user accounts and liquidated their keys, a form of social tokens linked to influencers on the platform, bestowing certain benefits to its holders.
A SIM swap attack occurs when an individual persuades a telecom provider to shift a victim’s phone number to a new SIM card under the perpetrator’s jurisdiction. With this control, the attacker can intercept the victim’s text messages and calls.
On October 3, two such incidents were reported, resulting in a purported loss of 42 ETH (equivalent to $70,000). Within the last day, another four FriendTech users became targets, enabling attackers to accumulate gains of approximately $385,000, as noted by on-chain investigator ZachXBT.
Understanding SIM swap attacks
Ouriel Ohayon, the co-founder and CEO of Zengo wallet, explained that attackers can pinpoint SIM swap victims amongst FriendTech users by leveraging information from their public X accounts.
As FriendTech associates users’ X profiles, data about specific users can be inferred from accessible on-chain records. This data can be subsequently juxtaposed with previous data breaches to obtain phone numbers, facilitating attackers in orchestrating SIM swap attempts with telecom providers, Ohayon explained.
Update: The headline has been updated for clarity.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.