The decentralized social platform Friend.tech is facing a wave of SIM swap attacks that have drained approximately $385,000 in Ethereum from user wallets, highlighting critical security gaps in how cryptocurrency holders protect their mobile identities. As Bitcoin trades near $27,983 and Ethereum holds at $1,733, the attacks remind the crypto community that the weakest link in any security chain is often the human element — specifically, the mobile phone number tied to two-factor authentication.
The Exploit Mechanics
SIM swap attacks, also known as SIM jacking, occur when an attacker convinces a mobile carrier to port a victim’s phone number to a new SIM card under the attacker’s control. Once the phone number is hijacked, the attacker can intercept SMS-based two-factor authentication codes, reset passwords, and gain access to cryptocurrency wallets and exchange accounts.
In the Friend.tech attacks, the perpetrators specifically targeted users known to hold significant cryptocurrency balances. The attackers leveraged publicly available information from social media profiles and blockchain analytics to identify high-value targets. By combining social engineering techniques with insider access at mobile carrier stores, they successfully executed port-out requests without the victims’ knowledge.
The attack chain typically follows a predictable pattern: reconnaissance of the target’s online presence, collection of personal information, contact with the mobile carrier through a fraudulent impersonation, and finally, the SIM port execution. Once completed, the attacker has a narrow but critical window to access accounts before the victim notices their phone has lost service.
Affected Systems
The Friend.tech platform, built on Base (Coinbase’s Layer 2 network), relies on phone numbers as a primary authentication mechanism for many of its users. This design choice created a single point of failure that attackers exploited with devastating efficiency. At least a dozen users reported losses ranging from several thousand dollars to over $100,000 in Ethereum.
Beyond Friend.tech, the SIM swap vulnerability extends to any platform that uses SMS-based two-factor authentication. Centralized exchanges like Binance, Coinbase, and Kraken have all seen users fall victim to similar attacks over the past year. The growing interconnectedness of crypto platforms means that a single compromised phone number can cascade into multiple account breaches across different services.
The attacks also exposed weaknesses in mobile carrier verification procedures. Despite years of warnings from cybersecurity experts, many carriers still lack robust authentication for SIM port requests, making social engineering attacks relatively straightforward for determined attackers.
The Mitigation Strategy
Security researchers recommend several immediate actions for crypto users. The most critical step is migrating away from SMS-based two-factor authentication to authenticator apps like Google Authenticator, Authy, or hardware security keys like YubiKey. These methods generate one-time codes locally, making them immune to SIM swap attacks.
Additionally, users should request a SIM port lock or port freeze from their mobile carrier. This adds an extra layer of verification before any port-out request can be processed. Major carriers including AT&T, Verizon, and T-Mobile offer this feature, though it is not enabled by default and must be explicitly requested by the account holder.
For Friend.tech users specifically, the platform has been urged to implement alternative authentication methods that do not rely on phone numbers. Multi-signature wallets and biometric verification are among the proposed solutions that could prevent similar incidents in the future.
Lessons Learned
The Friend.tech SIM swap attacks underscore a fundamental truth in cryptocurrency security: the most sophisticated blockchain cryptography can be rendered useless by a simple phone call to a mobile carrier. As the crypto ecosystem grows, with Bitcoin commanding a market cap exceeding $545 billion and the total market approaching $1.1 trillion, the financial incentives for attackers will only increase.
The incidents also highlight the importance of operational security (OPSEC) for crypto holders. Maintaining a low profile about cryptocurrency holdings, avoiding the linking of phone numbers to high-value accounts, and using dedicated devices for crypto transactions are all practical measures that can significantly reduce attack surface.
User Action Required
If you are a Friend.tech user or hold cryptocurrency in any account protected by SMS-based two-factor authentication, take action immediately. Disable SMS 2FA, enable authenticator app-based verification, request a SIM port lock from your carrier, and consider transferring significant holdings to a hardware wallet. The $385,000 lost in these attacks is a stark reminder that convenience and security rarely coexist in the world of digital assetup>
Disclaimer: This article is for informational purposes only and does not constitute financial or security advice. Always conduct your own research before making security decisions regarding your cryptocurrency holdings.
385k drained from friend.tech users and the platform still relies on phone numbers for auth. sms 2fa is security theater and this proves it
SIM swap attacks are not new but friend.tech made it worse by linking wallets to social profiles. Attackers knew exactly who to target.
lost 2 eth in one of these attacks. t-mobile gave my number to someone in a store 500 miles away. unreal
use a hardware 2fa key. yubikey costs 50 bucks and makes sim swaps useless. no excuse in 2023
yubikey is the answer but platforms need to make it default. sms 2fa should be deprecated entirely for anything holding funds
same thing happened to my buddy. carrier store didnt even verify ID properly. these companies need to be held liable for negligent SIM swaps
friend.tech was a hype bubble anyway. the social token model incentivized speculation over actual community. not surprised it attracted predators