Home / News / Crypto / News / Friend.Tech Sim Swap Attacks: How to Keep Your Crypto Safe From the Hacker Who’s Stolen $385K in ETH
4 min read

Friend.Tech Sim Swap Attacks: How to Keep Your Crypto Safe From the Hacker Who’s Stolen $385K in ETH

Last Updated October 6, 2023 1:30 PM
James Morales
Last Updated October 6, 2023 1:30 PM

Key Takeaways

  • Four Friend.Tech users have been hacked for a combined 234 ETH.
  • A single hacker appears to have targeted the social network.
  • He used an attack vector that takes control of a user’s SIM card to bypass 2-factor authentication.

A recent spate of SIM swap attacks has targeted Friend.Tech users, with the hacker stealing 234 ETH worth over $382,000.

With the perpetrator still at large, users should remain vigilant. Thankfully, there are some security best practices you can follow to minimize the risk of SIM swapping.

Friend.Tech Users Hacked for 234 ETH

In the latest SIM swap attacks, 4 Friend.Tech users were hacked  for a combined 234 ETH.

Blockchain sleuth Zach XBT has noticed that recent hacks seem to originate from a single malicious actor who has transferred funds to 2 crypto wallets.

What is SIM Swapping?

SIM swapping refers to a type of cyber attack whereby hackers take over your cell number in order to bypass two-factor authentication (2FA).

Such attacks take advantage of the ability to port a number from one SIM card to another, allowing hackers to dupe 2FA protocols even though they don’t have control over your mobile device.

With SIM-based 2FA popular among crypto wallets, internet banking, and mobile money apps, SIM swapping poses a serious threat, and it is important to know how to protect yourself.

Four Ways to Protect Yourself

The best way to protect your crypto and financial accounts is to prevent malicious actors from gaining control of your cell number in the first place.

Whether you use Fiend.Tech or not, to help protect yourself from SIM swap attacks, it pays to follow these four security tips.

Enable Account Takeover Protections

Depending on which country you live in, mobile network service providers have different duties and obligations when it comes to protecting their customers.

However, regardless of where you live, most providers can put protections in place to ensure that only the account holder is able to port a number from one SIM to another.

It is worth keeping in mind that not all providers enforce additional security measures by default, so you may need to get in touch or change your security settings if you want to enable password protection or enhanced identity verification for SIM port requests. 

Always Enable Biometric Authentication

These days, more secure multi-factor authentication methods are increasingly replacing SIM-based 2FA.

Rather than simply relying on passwords and SMS verification, the most secure verification technologies incorporate device data and biometric authentication to ensure that only you can gain access to your accounts.

Although biometric authentication isn’t the default verification method for many applications, it should always be enabled if you want to ensure maximum protection.

Be Wary of Phishing Scams

For hackers to carry out a SIM swap attack, they must first convince your mobile network operator to port your number. 

To do this, they need to convince someone who works for the operator that they are, in fact, you, usually by presenting them with sufficient personal information.

In 2023, phishing is one of the most common ways for malicious actors to collect identifying information, including your passwords, address, phone number and email address.

Avoid phishing by never clicking on suspicious links or attachments and by always checking that the organization asking you for personal information is who they say they are.

Remember that emails, text messages, and WhatsApp chats can all be manipulated to make it appear as if they come from a legitimate organization. If in doubt, double-check with the organization to confirm what their official website and/or contact details are.

Don’t Overshare Personal Information Online

As well as remaining vigilant against phishing threats, you can protect your personal information by getting into the habit of only sharing it when absolutely necessary.

For example, when divulging your personal details, question whether you need to share your full name, email address, and phone number every time. If not, limit the information you share to the bare minimum.

Was this Article helpful? Yes No