According to CryptoPotato, blockchain security firm SlowMist has issued a warning about a rise in phishing attacks targeting users of the decentralized social network friend.tech. The issue was first reported on October 14 by Twitter user Masiwei, who discovered a malicious code aimed at stealing friend.tech accounts. SlowMist Security Team's investigation revealed that the attackers shared a link containing a malicious JavaScript script.
The malicious script specifically targeted friend.tech users, focusing on Key Opinion Leaders (KOLs) who were likely to receive interview invitations due to their popularity. The attacker's strategy involved following people within the target's Twitter network, creating a false sense of community when users visited the attacker's Twitter page. The attacker would then schedule interviews, guide users to join Telegram for the interview, and provide an outline. After the interview, the attacker asked users to fill out a form and open a phishing link under the guise of verification. Upon opening the bookmark containing the malicious JavaScript script, users inadvertently exposed their friend.tech account credentials, including the password (2FA) and tokens associated with the embedded wallet Privy, putting both the user's friend.tech account and related funds at risk of theft.
To prevent phishing attacks, SlowMist recommends increasing awareness of social engineering attacks, avoiding clicking on unfamiliar links, and learning to recognize phishing links by checking for misspellings or excessive punctuation in domain names and ensuring they match with official domains. The firm also encourages users to install anti-phishing plugins. This is not the first time friend.tech users have had their digital assets stolen. Last month, on-chain investigator ZachXBT reported that friend.tech users were targeted by SIM card manipulation. In response, the friend.tech team introduced the 2FA password feature to enhance user security and protect against SIM-swap attacks.