Friend.tech, a Web3 social networking platform that launched in August 2023, has been hit by a series of hacks and scams that have resulted in the loss of thousands of dollars worth of cryptocurrency for its users.
The platform, which allows users to create, buy, and sell digital keys that grant access to exclusive content and communities, has been criticized for its lack of security measures and its centralized nature.
According to user reports, some of the incidents involved SIM swap attacks, where hackers were able to access users’ phone numbers and intercept their login authentication messages.
By exploiting the public information that users linked to their Friend.tech accounts, such as their Twitter handles, the hackers were able to gain access to their Friend.tech wallets and drain their funds.
One user claimed to have lost over 20 ETH (about $32,000 at the time of writing) after a SIM swap attack.
Other incidents involved phishing schemes and sales of fake access keys, where scammers tricked users into revealing their account details or buying fake keys that did not grant them any access or benefits.
Some scammers also used stolen keys to sell off users’ assets or rug their followers.
Security experts pointed out that Friend.tech lacks two-factor authentication (2FA), a basic security feature that requires users to provide two verification credentials for account access, such as a password and a temporary security token.
Without 2FA, users are more vulnerable to SIM swap attacks and other hacking methods
The platform has also been accused of relying on a single authority or server to manage its operations and data.
This contradicts the principles of Web3, which aims to create a decentralized and open web that is owned and controlled by its users.
Some users have also raised privacy concerns about Friend.tech’s integration with X, a service that verifies users’ identities using their real names and phone numbers.
They argued that linking an account to a real name can expose users to potential attacks and data breaches.
Friend.tech has not issued any official statement or response regarding the hacks and scams.
Although, the platform claims to have over 312,000 members and to have generated more than $18 million in revenue since its launch.