Security-conscious Friend.tech users have the option to fortify their accounts with a two-factor authentication (2FA) safeguard.
Amid a wave of SIM-swap attacks targeting its users, the brilliant minds behind the decentralized social media platform, Friend.tech, have introduced an additional layer of security.
In a post dated October 9, shared on X (formerly Twitter), the Friend.tech team shared the good news, stating, “Now, you can bolster the security of your Friend.tech account with a 2FA password. This added protection becomes invaluable in case your cellular carrier or email service ever falls into the wrong hands.”
Whenever Friend.tech users log in on new devices, they will be prompted to set up an additional password.
A word of caution from Friend.tech: Neither the Friend.tech team nor the Privy team have the ability to reset these passwords, so use this feature judiciously.
The implementation of this latest change comes on the heels of several SIM-swap attacks directed at Friend.tech users since September.
“Froggie.eth” became one of the initial Friend.tech users to suffer a SIM-swap attack on September 30, and this unfortunate incident sounded the alarm for others to stay vigilant.
In the following days, more Friend.tech users came forward with similar harrowing tales. The collective toll was estimated at 109 Ether, equivalent to roughly $172,000, stolen from four users within a week. A mere few days later, another four users fell victim, with a staggering $385,000 worth of Ether disappearing.
In an effort to mitigate the risks associated with SIM-swap exploits, Friend.tech had already updated its security on October 4, enabling users to add or remove various login methods.
Critics had voiced their concerns, pointing out that Friend.tech could have implemented this solution sooner. One user exclaimed, “Finally,” while another echoed, “Took you long enough.”
Yet amidst the critique, a prominent creator on Friend.tech, “0xCaptainLevi,” remained optimistic. He emphasized that two-factor authentication (2FA) is a game-changer and has the potential to propel the social media platform to unprecedented heights.
In an October 8 thread on X, Blockworks founder Jason Yanowitz disclosed one of the methods used in orchestrating SIM-swap attacks. The process involves a text message that solicits a user for a number change request. Users can respond with “Yes” to authorize the change or “No” to reject it.
Should the user respond with “No,” they will then receive a genuine verification code from Friend.tech and be prompted to send that code to the scammer’s number.
“If we don’t receive a response within 2 hours, the change will proceed as requested,” a subsequent message warned.
Jason Yanowitz offered a stark warning, stating, “In reality, if I sent the code, my account would be wiped.”
As of now, the total value locked on Friend.tech stands at $43.9 million, representing a 15.5% decrease from its all-time high of $52 million on October 2, according to DefiLlama.
