In response to a series of SIM-swap attacks on Friend.tech users, the team behind the decentralized social media platform has introduced an additional security feature. Users now have the option to implement a 2FA (Two-Factor Authentication) password to enhance their account’s protection in case their cell carrier or email service is compromised.
When signing into new devices, Friend.tech users will be prompted to add this additional password. It’s important to note that neither the Friend.tech nor Privy teams can reset these passwords, so users are advised to exercise caution when using this feature.
You can now add a 2FA password to your https://t.co/YOHabcBL3H account for additional protection if your cell carrier or email service becomes compromised.
— friend.tech (@friendtech) October 9, 2023
Neither the friendtech nor Privy teams can reset these passwords, so please use care when using this feature pic.twitter.com/g0m2E4att2
This security enhancement comes after a spate of SIM-swap attacks on Friend.tech users in September, which saw multiple users fall victim to such exploits. In response to these incidents, Friend.tech had already made security updates on October 4, allowing users to add or remove various login methods to mitigate the risk of SIM-swap attacks.
The implementation of 2FA on Friend.tech has been met with mixed reactions from users. While some have expressed relief that the feature has been introduced, others criticized the platform for not implementing it sooner. Prominent creator “0xCaptainLevi” emphasized the significance of 2FA in enhancing the platform’s security.
Additionally, Blockworks founder Jason Yanowitz shed light on one method used in SIM-swap attacks, where scammers initiate a text message requesting a number change. Users who respond with “No” are subsequently sent a genuine verification code from Friend.tech, with the intention of tricking them into sending the code to the scammer’s number. Yanowitz shared his experience and emphasized the risks involved in such attacks.
Someone is trying to hack my @friendtech
— Yano 🟪 (@JasonYanowitz) October 8, 2023
1) Text sent saying they’re changing my number
2) I respond no
3) They say to confirm no, send the verification code
4) Receive actual verification code from friend tech
5) After no response, they text again saying they’ll auto… pic.twitter.com/j76vI969jP
The total value locked on Friend.tech currently stands at $43.9 million, representing a 15.5% decrease from its all-time high of $52 million on October 2, according to DefiLlama. The introduction of 2FA is expected to contribute to the platform’s security and overall user experience.
ALSO READ
- Friend.tech Investigates Report of User Data Leak
- Friend.tech Defi Platform Recovers as TVL Tops $20M
- Debate over 2FA using SMS after SIM-swapping victim sues Coinbase