A new wave of SIM-swap exploits has allowed scammers to steal around $385,000 worth of Ethereum from additional Friend.tech users this week. Several influential accounts on the social app claimed they were hacked via SIM-swapping, with the attackers draining Ether funds from their wallets.
Friend.tech itself was not directly hacked; the attacks targeted individual users by hijacking their phone numbers. SIM-swapping is when criminals gain control of a user’s phone number and use it to access online accounts.
Scammers utilizing Friend.Tech’s popularity
Over 100,000 users have joined Friend.tech since its launch this year. The app lets people purchase access to private chat groups with crypto influencers. However, its popularity has made it a target for SIM swap attacks.
Earlier this week, a hacker stole over $385,000 from four users in similar attacks. The same scammer is suspected in this latest string of thefts based on tracking the flow of the stolen Ether.
In response, Friend.tech has introduced new login options to help prevent SIM swap-based account takeovers. But security experts say users should take steps like enabling two-factor authentication to better protect themselves.
The incidents underscore the ongoing threat of SIM-swap attacks on crypto holders. By gaining control of phone numbers, hackers can get around account security measures. Over $400,000 worth of Ethereum has now been stolen from Friend.tech users in just a few days.