Friend.Tech, a decentralized crypto application built on Coinbase’s layer-2, is facing a security crisis after several users reported being victims of a theft of their private keys. The hack, which resulted in a loss of 234 ETH (approximately $385,000), was carried out an individual who cloned the SIM cards of the affected users, gaining access to their crypto wallets on Base. Unfortunately, this is not an isolated incident, as earlier in the week, abnormal transactions were reported on other users’ wallets, resulting in a 109 ETH loss.

The attack method employed in these hacks is known as SIM swapping. It involves cloning SIM cards and using them topass security measures to gain access to social accounts. The hacker in this case used this technique to transfer the victims’ data to an iPhone SE, taking advantage of vulnerabilities in Apple Store processes.

The implications of these security breaches are significant for Friend.Tech. In total, $50 million belonging to over 28,000 users is at risk. This comes at a time when the platform has seen a surge in transactions and inflow, with fees generated reaching 11,764 ETH (worth over $19 million) and a new record of 616 ETH in fees on September 14.

Friend.Tech’s response to these security issues is crucial in order to maintain the trust of its users and prevent further attacks. Manifold Trading, a software development company, has suggested implementing two-factor authentication (2FA) to mitigate the risk. This additional layer of security is widely used in digital services, particularly on cryptocurrency exchanges.

In response to the recent hacking incidents, Friend.Tech has quickly introduced a new feature to combat compromised wallets. This feature eliminates specific access options, such as phone numbers, reducing the vulnerability to SIM-swapping attacks. However, there have been reports from users who are unable to access their Friend.Tech accounts, even after implementing the updates. This has raised concerns about the possibility of hackers still compromising accounts and emptying crypto wallets.

Friend.Tech must address these security concerns promptly to restore confidence in its platform and prevent further losses. Failure to do so may result in a decline in user activity and damage the project’s credibility.

Sources:

– SIM Swapping: [source]

– Manifold Trading: [source]