Hacker AI-powered SIM-swap scam nets $385K in Ether in Web 3.0.
Friend.tech SIM-swap scourge continues as scammer nets $385K in Ether

Web 3.0 and SIM-Swap Hacks

In less than a day, one scammer reportedly managed to steal approximately $385,000 worth of Ether (ETH) in what appears to be a series of SIM-swap hacks targeting Friend.tech users. According to blockchain sleuth ZachXBT, the same hacker was able to take 234 ETH from four different Friend.tech users.

The crypto assets were tracked to the same person who had taken from the four victims. One of them posted on X (Twitter) after the attack:

Web 3.0, also known as the metaverse, is different from Web 2.0 in several ways. For example, Web 3.0 is powered by artificial intelligence (AI) and blockchain technology, and users can access it through chat AI. To use Web 3.0, one must understand how it differs from Web 2.0 and how to use it.

SIM-Swap and Phishing Attacks Targeting Friend.tech Users

This week, KingMgugga and holycryptoroni reported they were victims of a real-time attack, with KingMgugga posting to Friend.tech “getting f—ing sim swapped watching it happen” and asking for help. holycryptoroni confirmed they were similarly attacked, saying “I got swapped sorry.” Four other Friend.tech users reported their accounts were drained of around 109 ETH as a result of a SIM-swap or phishing attack.

Friend.tech is a Web 3.0 platform, allowing users to purchase “keys” of individuals, which grants access to private chat rooms with them. The SIM-swap scam occurs when hackers gain access to the victim’s phone number and use it to acquire authentication, enabling them to access their social media and crypto accounts.

In comparison to Web 2.0, Web 3.0 is a more complex, intelligent form of the internet, which uses AI chat and blockchain technology. Web 3.0 is also known as the metaverse, and is different from Web 2.0 in its use of decentralization, automation, and artificial intelligence.

Two-Factor Authentication for Security

Manifold Trading, a firm building tools for the ecosystem, estimated that $20 million of Friend.tech’s $50 million of total value locked was at risk and suggested to enable two-factor authentication (2FA) for the platform to beef up its account security measures. Following the high-profile hack of Vitalik Buterin’s account in September, which was also due to a SIM swap attack, there have been calls for X to implement 2FA security measures to prevent mobile phone numbers from getting leaked. “0xfoobar,” founder and CEO of wallet security firm Delegate, advised removing phone numbers from social media accounts.

Categorized in:

Tagged in: