- Friend.tech’s security model has been scrutinized amid increasing SIM swap exploits.
- The platform has rolled out a new security feature in response to growing concerns.
- Despite the new feature, users must exercise caution while using the platform.
Despite enjoying rapid success since it burst into the scene in August 2023, Friend.tech has also received its fair share of criticism.
Most recently, the platform’s security model came under fire as hackers exploited SIM-swapping vulnerabilities to steal tens of thousands of dollars from users.
Sponsored
Friend.tech has rolled out a new security feature in response to growing concerns. Will it be enough to keep bad actors at bay?
Friend.tech Adds 2FA
In a tweet on Tuesday, October 10, Friend.tech announced that thanks to a partnership with Privy, users can now add a two-factor authentication (2FA) password as an extra layer of protection against exploits.
As explained by SlowMist founder “Cos,” the new feature allows users to create a separate password for operations related to fund transactions like buying or selling keys, fund withdrawals, and private key access. Cos was among those who brought attention to the SIM swap exploits on the platform—responding to the new Friend.tech feature, the SlowMist founder suggested that it significantly improved security.
Unlike 2FA implementations that use apps like Google Authenticator, Friend.tech users must hold on to their 2FA password or risk losing access to their funds. Privy’s 2FA implementation does not allow for this password to be reset.
Will Friend.tech’s 2FA Implementation be Enough?
While Cos has suggested adding 2FA improves security, the SlowMist founder still urged users to exercise caution in their interactions on the Web3 social media platform, highlighting that only so much 2FA can do.
Sponsored
"Users also need to pay attention to the security of their own friend.tech operating environment. Once there are Trojans and the like, no 2FA can protect you. Including not being tricked into executing JavaScript code of unknown origin in the friend.tech running browser console, otherwise you will be finished," Cos tweeted.
Users have lost at least 300 ETH to reported SIM swap exploits on Friend.tech. Recent security concerns added to criticism over the platform’s privacy and revenue model.
On the Flipside
- Users cannot move their assets if they forget or lose their 2FA password.
- Despite mounting concerns, Friend.tech’s user base continues to grow.
- SIM swap exploits are not unique to Friend.tech, but the platform’s lack of basic security controls brought it under scrutiny from the crypto community.
Why This Matters
SIM swap exploits had cost Friend.tech users tens of thousands of dollars in recent weeks. The rollout of a 2FA feature adds another layer of security for users and highlights Friend.tech’s potential for improvement.
Read this to learn more about the SIM swap exploits that have plagued Friend.tech users:
Friend.tech Security Model Under Fire as Users Report Hacks
Find out why European funds are dominating crypto inflows:
European Funds Dominate as Crypto Inflows Hit 2-Month High
