Friend Tech Suffers Data Leak Exposing 101K User Wallets
Friend.tech, a new decentralized social network, created ripples in the cryptocurrency industry by amassing $1 million in fees on the first day of operation. However, the site is under fire after an unknown Yearn Finance contributor, Banteg, revealed a significant breach of sensitive user data on GitHub. This hack discloses substantial information regarding over 101,000 individuals, including their Base wallet addresses and Twitter identities.
BREAKING 🚨
“Banteg has published a leaked database containing critical details of users on the https://t.co/B8hyToz9Ly platform as a GitHub repository. This includes Ethereum addresses and corresponding Twitter usernames for over 101,000 users”. pic.twitter.com/AN9j8NuUEo
— Elja (@Eljaboom) August 21, 2023
The friend Tech network was initially lauded for its rapid development and ability to drive more significant Bitcoin usage. Nonetheless, the current breach has prompted worries among users, especially given the platform’s fast development.
A Hazard to User Accounts
Many users raised concerns about the platform’s price structures and revenue-generating tactics. Furthermore, friend.tech’s capacity to submit tweets and retweets on its users’ behalf received much criticism. Twitter users are urging others to cancel Friend Tech access to their accounts in light of the disclosure.
“Imagine giving power to a 3rd party to do these things to your profile,” one concerned user tweeted. In the future, they may post or retweet items from your account that harm your community. “All it takes is one security flaw to destroy everything.”
To fix this, users may click on their Twitter account settings and delete friend.tech’s access. Users can withdraw the app’s posting and retweeting rights by selecting the ‘Security and account access’ section and clicking ‘Connected account.’
One thing you should do if you are using friend tech is revoke access to X.
Head to settings, security and account access and just click revoke on friend tech.
You needed to connect it to begin with, but you can revoke afterwards.
friend tech will then no longer have access… pic.twitter.com/ljsi6M06Ch
— Aylo (@alpha_pls) August 21, 2023
The Debate Rages On
Spot On chain experts discovered that friend.tech’s API had “leaked” information, including user-created wallet addresses that could be read via the API. Friend.tech is a web3 social application that works on the Coinbase-incubated Layer 2 chain Base, where users may trade shares in Twitter accounts and access private chat rooms.
Despite the uproar, Friend Tech has grown in popularity among celebrities. After joining the platform, influential esports community co-founder Richard “FaZe Banks” Bengtson II and NBA star Grayson Allen saw their share values skyrocket.
In reaction to the disclosure, friend.tech argued that the leaked material was already public, like someone perusing a public Twitter feed. However, according to Banteg’s admission, 101,183 people unintentionally authorized friend.tech the authority to publish on their behalf.
As the platform grows, users are encouraged to be cautious about granting third-party access to their social media accounts and remain vigilant about their online security.
