Friend.Tech and SIM Swap Attacks: A Tech Deep Dive

Cyberscope
5 min readOct 13, 2023

Introduction

Friend.Tech is the new buzzword in the world of online communities. But before you dive into this decentralized social network, let’s take a tech-savvy deep dive to understand what it’s all about and learn how to protect yourself from SIM swap attacks.

What’s Friend.Tech?

Friend.Tech is a decentralized social network, which is a fancy way of saying it’s a place where you can connect with friends and other users in a different, more tokenized way. It allows you to invest in your friend’s social network or any group of users and turn their popularity into a digital token.

The Basics

At its core, Friend.Tech revolves around two key terms: “Shares” and “Keys.” Shares give you access to special influencer chat rooms and exclusive content. Keys are like tickets to enter these private chats.

How to Get In

Joining Friend.Tech is not as simple as just signing up with your email. It’s a bit more exclusive and cryptic. First, you need an invitation from an existing member. Each registered user has three invitation codes to share, so you’ll need to find someone willing to hook you up. You might stumble upon these codes on Reddit or Twitter.

Once you’ve got an invitation, it’s time to get techy. You’ll need to visit the Friend.Tech link from your mobile browser. Make sure your Android or iOS is up to date. Look for the “Share” button and tap “Add to Home Screen.” This turns it into an app-like icon on your phone’s home screen.

Linking Up

After you’ve installed Friend.Tech on your home screen, it’s time to link it to your Google and Twitter (now X) accounts. This step connects your Friend.Tech profile with your existing social media presence.

Ethereum and BASE

To make this tech adventure possible, you need to bridge some Ether (ETH) from the Ethereum mainnet or Arbitrum to your Base wallet address. This step requires a minimum of 0.01 ETH, so you’ll need a little digital currency in your wallet.

Security and Privacy

Now, let’s talk about the elephant in the room: security and privacy. Friend.Tech, like any online platform, has its own set of concerns.

Privacy Worries

One concern is privacy. Linking your Twitter (X) account might expose you to potential security risks. To protect your privacy, it’s advisable to disconnect “X” from connected apps in your settings.

A word of caution, though. There was a rumor of a “Leaked Database” linked to Friend.Tech, but it turned out to be a misunderstanding. All the information used was already public, so it looks like there wasn’t a data breach after all.

Mobile vs. Desktop

Using Friend.Tech on a smartphone comes with some risks too. Your smartphone might contain sensitive information, so granting access to a new app might not be the best idea. A workaround is to use Friend.Tech on a computer. On Mac, you can open developer tools with “Option + Command + I” and select “Android device” to make the browser compatible with Friend.Tech. For Windows devices, this is handled automatically.

Security Concerns

Friend.Tech’s co-founder credentials have raised some questions. There’s been talk about potential security fraud and associations with a failed NFT rugpull project called Kosetto.

One savvy user back-engineered the backend and found a few concerns. For instance, there isn’t any “bot” protection on the backend, and wallet keys reside on Friend.Tech’s server. This makes them partially custodial, which could be vulnerable to hacks.

To top it off, the website lacks a clear privacy policy, which might leave some users feeling uneasy.

Staying Safe from SIM Swap Attacks

Despite the concerns about Friend.Tech’s security, there’s an additional threat to be aware of: SIM swap attacks. SIM swapping, often referred to as SIM jacking, is a deceitful method used to illicitly access someone’s mobile number. This scheme unfolds when a cyber-criminal persuades your mobile service provider to transfer your phone number to another SIM card, typically one they possess. Upon success, all calls, texts, and internet functions are redirected to the new card, rendering the old one ineffective.

The Warning Signs

A SIM swap attack is a serious breach of privacy. However, it isn’t always complex to execute. Perpetrators can do it from the comfort of their homes, provided they possess a SIM card, make a phone call to your service provider, and have access to your personal information.

This personal data can be harvested from your social media profiles, purchased on the black market from hackers, stolen through phishing emails and websites, or acquired through direct social engineering tactics aimed at deceiving victims into disclosing their personal details.

What Happens After a SIM Swap Attack on Friend.Tech?

After falling victim to a SIM Swap attack, the best thing you can do is to contact your service provider directly. They’ll be able to provide more information and even deactivate the fraudulent actor’s SIM card if you are a victim.

There is no way to undo the results of the attack unless you get the service provider to deactivate the SIM card immediately. As the attacker could have gained access to your Friend.Tech keys (and wallet), they can sell off everything and transfer the stolen funds to a wallet in their possession.

You could get your keys back once you take control of your SIM card and report that your social media account(s) were compromised. However, the damage can be irreversible in some cases, depending on your reaction time.

In Conclusion

The world of Friend.Tech is exciting and filled with opportunities, but it’s crucial to tread carefully, protect your privacy, and stay safe in this new digital playground. And remember, not only do you need to watch out for online security on Friend.Tech, but you should also be vigilant against SIM swap attacks that can compromise your personal information. Stay informed, stay secure, and enjoy the tech journey responsibly.

Originally published on www.cyberscope.io

--

--

Cyberscope

One of the leading auditing firms, having audited more than 500+blockchain projects and NFTs. Official partners of all major crypto launchpads.