Friend.tech introduces Friendchain, which will use $FRIEND as its gas token. Users can also participate in the testnet event for potential rewards.
The post Friend.tech develops Friendchain, uses $FRIEND as gas token appeared first on Crypto Briefing.
Racer, a co-founder of Friend.tech – a socialfi network – has posted a bounty of $200K for anyone bringing an implementation allowing the migration of its platform off Base, the Coinbase incubated rollup Layer 2. Racer declared: “System design bounty: If you can figure out a way to migrate friendtech off of Base without causing […]
Base is already home to 46% of transactions related to SocialFi on-chain, but the asset manager says it has even more room to grow.
Trillion-dollar asset manager Franklin Templeton suggests “Base Season” has arrived with the rise of Social Finance (SocialFi) apps, with Base leading other Ethereum layer 2s in the vertical.
“[It is] positioning itself well to capture a material share of SocialFi activity and remain a leader in the Ethereum L2 sector going forward,” Franklin Templeton said in a May report.
About 46% of transactions related to SocialFi are on Base, which has increasingly stripped market share away from the BNB Chain and Polygon in recent months, according to one of the charts provided by Franklin Templeton.
Crypto users are increasingly turning attention to new SocialFi apps, but analysts say it’s probably too early to say whether “SocialFi season” has arrived.
Crypto users are clamoring to find the next big thing in the Social Finance (SocialFi) sector, according to analysts from K33 Research — who see it a growing corner of crypto despite being plagued by “perverse incentives.”
In a May 8 research report, K33 DeFi analyst David Zimmerman wrote that following a recent Firend.tech airdrop, crypto users are already looking to a new SocialFi app called Fantasy Top – built on Ethereum layer-2 network Blast — as the next potential opportunity.
Fantasy Top is a SocialFi game allowing users to buy and sell virtual trading cards of crypto-affiliated X accounts and use them to compete in tournaments. These tournaments are paying users for their activity on the platform in ETH, a reward token on Blast called GOLD, native “fan points” and additional packs of trading cards.
Friend.tech, the decentralized social media application on the Base network, recently launched its native token through an airdrop. Since trading commenced, the token has plummeted, dropping anywhere from 50% to 90% of its initial value across various decentralized exchange (dex) platforms, as reported by several different price aggregation websites. FRIEND Starts Strong but Value Plummets […]
The total value locked (TVL) on the decentralized social finance (SocialFi) application Friend.tech fell 19% in a few days as user adoption slows down. Friend.tech, which launched in August, is built on Base, an Ethereum (ETH) scaling solution supported by the Coinbase crypto exchange. The application allows users to tokenize themselves by selling shares or […]
The post Friend.tech Total Value Locked Plummets 19% in One Weekend As New User Count Stays Flat: On-Chain Data appeared first on The Daily Hodl.
The exploiter of the Web3 social media platform agreed to keep a 10% bounty in exchange for returning the remainder of the stolen funds.
Web3 social media platform Stars Arena says it has recovered nearly all of the crypto stolen from an Oct. 7 exploit — minus a 10% bounty to the person responsible.
In an Oct. 11 X (Twitter) post, Stars Arena said around 90% of the 266,000 Avalanche (AVAX) exploited, at the time worth around $3 million, was returned after reaching an agreement to give a 27,610 AVAX bounty worth nearly $257,000 to the exploiter.
The bounty also included compensation for 1,000 AVAX worth over $9,000 seemingly lost by the exploiter in a bridge.
UPDATE:
— Stars Arena (@starsarenacom) October 11, 2023
We have recovered approximately 90% of the lost funds.
We reached an agreement with the individual responsible for the recent security breach.
The funds have been returned in exchange for a 10% bounty fee + 1000 AVAX that was lost in a bridge.
Total funds lost:…
In a separate post, Stars Arena added it had written a new smart contract and before placing the returned funds and launching, it was finalizing an audit of the new contract.
Stars Arena first alerted its community to the exploit on Oct. 7, calling it a “major security breach” with its smart contract leading to funds being drained.
In a subsequent post, Stars Arena said it secured funding to plug the hole left by the exploit and it had contracted a development team to do a full security audit, though the team has yet to detail how the exploit took place.
Related: Galxe replacing 110% of funds users lost in recent front-end hack, over $400K
Days earlier, on Oct. 5, Stars Arena was hit by a smaller exploit, though hackers only made off with around $2,000, they claimed.
The exploit was caused by Stars Arena developers missing a vulnerable price function in the platform’s smart contract. This allowed the exploiter to sell user shares for nothing and get AXAX in return, pseudonymous X user “0xlilitch” explained in a post.
Stars Area claimed to have patched the vulnerability.
Users of Stars Arena’s main competitor, Friend.tech, have also seen targeted SIM-swap attacks with Friend.tech recently adding security features to mitigate the attempts.
Magazine: Recursive inscriptions — Bitcoin ‘supercomputer’ and BTC DeFi coming soon
The 2FA security measure is optional for Friend.tech users seeking additional security on the platform.
The team behind the decentralized social media platform Friend.tech has added a new security feature amid attempts to stem a flood of SIM-swap attacks targeting its users.
“You can now add a 2FA password to your Friend.tech account for additional protection if your cell carrier or email service becomes compromised,” the team explained in an Oct. 9 post on X (formerly Twitter).
Friend.tech users will be prompted to add another password in when signing onto new devices.
“Neither the friendtech nor Privy teams can reset these passwords, so please use care when using this feature,” Friend.tech added.
You can now add a 2FA password to your https://t.co/YOHabcBL3H account for additional protection if your cell carrier or email service becomes compromised.
— friend.tech (@friendtech) October 9, 2023
Neither the friendtech nor Privy teams can reset these passwords, so please use care when using this feature pic.twitter.com/g0m2E4att2
The latest change follows several SIM-swap attacks targeting Friend.tech users since September.
On Sept. 30, froggie.eth was among the first in a string of Friend.tech users to be compromised by a SIM-swap attack, urging others to stay vigilant.
got swim swapped for 20+ ETH (they drained my https://t.co/xb5o31p3Yy)... stay vigilant out there bros
— froggie.eth (@brypto_) September 30, 2023
set a PIN on your sim even if you don't think you need to
More Friend.tech users came forward with similar stories in the following days with an estimated 109 Ether (ETH), worth around $172,000, stolen from four users within a week. Another four users were targeted over a 24-hour period just days later, with another $385,000 worth of Ether stolen.
Friend.tech had already updated its security once on Oct. 4 to allow users to add or remove various login methods in an attempt to mitigate the risk of SIM-swap exploits.
Several observers criticized Friend.tech for not implementing the solution sooner.
“Finally,” one user said, while another said: “took you long enough.”
However, a prominent creator on Friend.tech, 0xCaptainLevi, was more optimistic, stressing that 2FA is a “big deal” and can help push the social media platform to unseen heights:
2FA is a big deal. Road to $100M TVL never seemed brighter❤️ https://t.co/bxd3V3M3mx
— Levi ⚡️ (@0xCaptainLevi) October 10, 2023
In an Oct. 8 X thread, Blockworks founder Jason Yanowitz revealed one of the ways the SIM-swap attacks are being orchestrated. The process involves a text message that asks the user for a number change request, where users can reply with “YES” to approve the change or “NO” to decline it.
If the user responds with “NO” — the user is then sent a real verification code from Friend.tech and is prompted to send the code to the scammer’s number.
“If we do not hear a response within 2 hours, the change will proceed as requested,” a follow-up message shows.
"In reality, if I sent the code, my account would get wiped," he said.
Someone is trying to hack my @friendtech
— Yano (@JasonYanowitz) October 8, 2023
1) Text sent saying they’re changing my number
2) I respond no
3) They say to confirm no, send the verification code
4) Receive actual verification code from friend tech
5) After no response, they text again saying they’ll auto… pic.twitter.com/j76vI969jP
Related: Friend.tech copycat Stars Arena patches exploit after some funds drained
The total value locked on Friend.tech currently sits at $43.9 million, down 15.5% from its all-time high of $52 million on Oct. 2, according to DefiLlama.
Cointelegraph reached out to Friend.tech for comment but did not receive an immediate response.
Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis
Leaked mobile phone numbers have given scammers an easy way to drain Friend.tech user accounts.
A single scammer has reportedly managed to steal around $385,000 worth of Ether (ETH) in less than 24 hours amid a scourge of SIM-swap hacks seemingly targeting Friend.tech users.
On Oct. 5, blockchain sleuth ZachXBT reported the same scammer had pilfered 234 ETH over the past 24 hours by SIM-swapping four different Friend.tech users.
The on-chain movement of crypto assets was traced back to the same hacker who drained the accounts of the four victims.
The same scammer profited $385K (234 ETH) in the past 24 hours off SIM swapping four different FriendTech users. pic.twitter.com/03BoBEqGax
— ZachXBT (@zachxbt) October 4, 2023
One of the reported victims of the most recent chain of SIM-swap attacks posted to X (Twitter) following the attack:
“Got sim swapped. Apparently, dude was able to do it from an Apple store and switched it to an iPhone SE. Don’t buy my keys, that wallet is compromised.”
X user “KingMgugga” reported an attack targeting them happening in real time, posting to X that they were “getting f---ing sim swapped watching it happen” and asking for help. Meanwhile, another X user, “holycryptoroni,” confirmed they were similarly attacked, lamenting, “I got swapped sorry.”
Earlier this week, a further four Friend.tech users claimed to have their accounts drained as a result of a SIM-swap or phishing attack, totaling around 109 ETH stolen.
I was just SIM swapped and robbed of 22 ETH via @friendtech
— daren (friend, friend) (@darengb) October 3, 2023
The 34 of my own keys that I owned were sold, rugging anyone who held my key, all the other keys I owned were sold, and the rest of the ETH in my wallet was drained.
If your Twitter account is doxxed to your real… pic.twitter.com/5wA86mjYEG
Friend.tech allows users to purchase “keys” of individuals, which grants access to private chat rooms with them.
The SIM-swap scam occurs when scammers gain access to the victim’s phone number and use it to acquire authentication, which enables them to access their social media and crypto accounts.
Manifold Trading, a firm building tools for the ecosystem, estimated that $20 million of Friend.tech’s $50 million of total value locked could be at risk. It called for the platform to beef up its account security measures by enabling two-factor authentication (2FA).
Related: How easy is a SIM swap attack? Here’s how to prevent one
There have also been calls for X to implement 2FA security measures to prevent mobile phone numbers from getting leaked following the high-profile hack of Vitalik Buterin’s account in September, which was also due to a SIM swap attack.
“0xfoobar,” founder and CEO of wallet security firm Delegate, advised removing phone numbers from social media accounts.
crypto twitter is like a neighborhood where once a day somebody leaves their front door open, gets robbed, and everybody comes together to lament the loss, leaving their own front doors open. instead of retweeting the 75th simswap of the week go remove your phone from everything
— foobar (@0xfoobar) October 5, 2023
Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis
In a short period of time, four friend.tech users reported their accounts were compromised and drained after hackers seized control of their mobile numbers.
Friend.tech users are warning of possible SIM-swap attacks after a recent spate of supposed hacks resulting in nearly 109 Ether (ETH) worth around $178,000 being drained from four users in under a week.
On Sept. 30, the X (formerly Twitter) user known as “froggie.eth” warned their Friend.tech account was SIM-swapped — where exploiters gain control of a user’s mobile number to intercept two-factor authentication codes, then used to access accounts — and subsequently drained of over 20 ETH.
Days later, on Oct. 3, a string of Friend.tech users reported similar incidents, with musician Daren Broxmeyer saying he was SIM-swapped and drained of 22 ETH.
His phone was earlier “spammed with phone calls,” which he believed was to force him to miss a text from his service provider warning him that someone was trying to access his account.
I was just SIM swapped and robbed of 22 ETH via @friendtech
— daren (friend, friend) (@darengb) October 3, 2023
The 34 of my own keys that I owned were sold, rugging anyone who held my key, all the other keys I owned were sold, and the rest of the ETH in my wallet was drained.
If your Twitter account is doxxed to your real… pic.twitter.com/5wA86mjYEG
The same day another user, “dipper,” also said their account was compromised, adding they have “no idea” how exploiters could hack their account, as they use strong passwords.
The fourth user, “digging4doge,” was drained of around 60 ETH after falling for a phishing scam that tricked them into sharing a login code.
Friendtech user @digging4doge just got drained to the tune of ~60 eth worth of keys.
— quit (,) (@0xQuit) October 4, 2023
About an hour ago, he received a text informing him that a number change had been requested for his account.
He had two hours to respond or the request would be auto approved. This was, of… pic.twitter.com/L21Hr041kP
Crypto investment firm Manifold Trading explained that any hacker gaining access to a Friend.tech account is then able to “rug the whole account.”
Assuming that a third of Friend.tech accounts are connected to phone numbers, around $20 million is at risk of being exploited through Friend.tech user-focused exploits, they said.
Related: Friend.tech look-alike ‘Alpha’ emerges on Bitcoin network
Manifold also suggested that, technically, all of Friend.tech is at risk due to how the platform’s security is set up, and solving the issues “should honestly be the number 1 priority.”
If any hacker gains access to a FriendTech account via simswap/email hack, they can rug the whole account
— Manifold (@ManifoldTrading) October 2, 2023
If you assume 1/3 of FriendTech accounts are connected to phone numbers, that's $20M at risk from sim-swaps
FriendTech's current setup also technically allows a rogue dev… https://t.co/XgodMNSh2l
Manifold suggested Friend.tech allow users to add 2FA to logins, key decryptions and transactions.
Users should also be given the option to change the login method from a number to email and allow for third-party wallets to be used.
High-profile crypto figures have previously been successfully SIM-swapped, with their accounts used to carry out phishing attacks, such as Ethereum co-founder Vitalik Buterin’s X account in September.
Cointelegraph contacted Friend.tech for comment but did not immediately receive a response.
Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis
