In less than a day, a single scammer has reportedly stolen approximately $385,000 worth of Ethereum (ETH) as part of a series of SIM-swap attacks primarily targeting users of Friend.tech.
On October 5, a blockchain investigator ZachXBT revealed that the same scammer had stolen 234 ETH within the past 24 hours by SIM-swapping four distinct Friend.tech users.
The on-chain movement of cryptocurrency assets on the blockchain confirmed that all these thefts were connected to the same hacker who had emptied the accounts of these four victims.
One user named “KingMgugga” on the platform X reported that they were currently experiencing an attack in real-time. They posted that they were in the process of being subjected to a SIM-swap attack and urgently requested assistance.
At the same time, another user on X, “holycryptoroni,” confirmed that they were also a victim of a similar attack and expressed regret by saying, “I got swapped, sorry.”
Earlier this week, an additional four users of Friend.tech reported that their accounts had been compromised due to either SIM-swap or phishing attacks. Collectively, these incidents resulted in the theft of approximately 109 ETH from these users.
Friend.tech lets users buy “keys” to access private chat rooms with specific individuals.
The SIM-swap scam happens when criminals get control of someone’s phone number and use it to get into their social media and cryptocurrency accounts.
Manifold Trading, a firm building tools for the ecosystem, thinks that out of the $50 million that people have put into Friend.tech, about $20 million could be in danger because of this scam.
They are suggesting that Friend.tech should make its accounts more secure by adding something called two-factor authentication (2FA).