A hacker has stolen approximately $385,000 worth of digital assets in the past 24 hours by performing SIM-swapping attacks on friend.tech users.
In a recent post on X (formerly Twitter), blockchain sleuth ZachXBT revealed the scammer had pilfered 234 ETH over the past 24 hours by SIM-swapping four different friend.tech users.
Following the incident, X user @sumfattytuna revealed that they were one of the victims of the most recent chain of SIM-swap attacks.
“Got sim swapped. Apparently, dude was able to do it from an Apple store and switched it to an iPhone SE. Don’t buy my keys, that wallet is compromised," the user posted to X.
The recent wave of SIM-swap attacks comes as another group of friend.tech users lost all their funds after falling victim to the same attack earlier this week, resulting in around 109 ETH stolen.
According to Manifold Trading, a company dedicated to developing tools for the industry, $20 million out of friend.tech's total locked value of $50 million is at risk.
"If you assume 1/3 of FriendTech accounts are connected to phone numbers, that's $20M at risk from sim-swaps," the company wrote in a recent post on X.
Manifold Trading also noted that friend.tech's current setup "technically allows a rogue dev to reconstruct private keys via Shamir-Secret-Sharing shares that they can recover from user data in their database," concluding that the whole TVL is at risk.
To mitigate this risk, Manifold Trading recommends that friend.tech enhances its account security protocols by implementing two-factor authentication (2FA).
Friend.tech offers users the opportunity to acquire "keys" that provide entry into exclusive chat rooms with specific individuals.
The SIM-swap scam is a fraudulent scheme where scammers
Read more on cryptonews.com