The decentralized social network Friend.tech was again the target of a wave of SIM swap attacks, resulting in a loss of $385,000 in Ethereum for four users.
Crypto sleuth ZachXBT tracked down the on-chain movement to the same hacker who drained the accounts of the four victims in less than 24 hours.
SIM swapping is a tactic where hackers trick mobile carriers into transferring a user’s phone number to their SIM card. With the number, they can then access online accounts linked to that number.
“Got sim swapped,” user Sumfattytuna posted. “Apparently dude was able to do it from an Apple store and switched it to an iPhone SE. Don’t buy my keys, that wallet is compromised”.
KingMgugga also reported in real-time being hacked. “And I’m getting f*** sim swapped watching it happen!!! Anything anyone know that I can do?!!,” he wrote.
Earlier this week, four other Friend.tech users claimed to have their accounts drained due to a SIM swap, totaling around 109 ETH stolen.
When reached out by Decrypt, Friend.tech didn’t immediately reply.
In response, Friend.tech announced implementing a new feature that lets users log into their accounts without the need to use their phone numbers.
Following the series of attacks, crypto investment firm Manifold Trading issued a warning on X on Tuesday, explaining that if an attacker gained access to a Friend.tech account they could “rug the whole account.”
“If you assume 1/3 of Friend.tech accounts are connected to phone numbers, that’s $20M at risk from SIM swaps,” they added.
The rise of SIM swap attacks
SIM swap attacks, especially in crypto, are on the rise.
Last August, data from FTX, BlockFi, and Genesis were exposed in attacks aimed at Kroll, the vendor responsible for overseeing creditor claims for the insolvent businesses.
Kroll mentioned that this complex SIM Swap attack targeted one of their employees’ phones.
In September, Vitalik Buterin, Ethereum’s co-founder, was also targeted by a SIM swap attack. He shared on the decentralized social network, Warpcast, that hackers manipulated Twitter to reset his password, granting them access to his account and its 4.9 million followers.
Symptoms of a SIM swap usually appear within 24-48 hours, with victims not receiving calls or texts or being unable to access online accounts.
A recommended precaution is to use authentication apps like Google Authenticator rather than SMS-based two-factor authentication.