Friend.tech Wallet Data Leak Exposes Linked Twitter Accounts
In Brief
Yearn Finance core contributor, Banteg, published a repository containing the “leaked” wallet addresses and X (Twitter) handles of more than 100,000 users on the friend.tech platform.
The database has now been taken down following doxxing concerns.
Banteg, a pseudonymous core contributor to Yearn Finance, today published a “leaked” GitHub repository containing the wallet addresses and X (Twitter) handles of more than 100,000 users on the friend.tech platform.
He highlighted that the leaked database comprises users who linked their Twitter accounts to friend.tech, inadvertently allowing the platform to post content on their behalf.
The data leak vulnerability in friend.tech’s API was first discovered by Spot On Chain. This security flaw enabled individuals to view the wallets created by users via the API.
As a result, there has been a surge of advice urging users to revoke friend.tech’s access to their Twitter accounts.
Friend.tech’s Leak Sparks Unease On Twitter
While friend.tech made headlines today for generating over $1.4 million in fees over the past 24 hours, placing it just behind Ethereum and Lido, the limelight on friend.tech today was accompanied by its fair share of controversy.
Nix_eth, the VP of Innovation at Horizen Labs, revealed that the SocialFi platform has questionable founders who launched the KosettoIs Kawaii project. With its unique offering of “wearable” NFT stickers and widespread sharing of referral codes, the project rapidly gained popularity before its sudden disappearance.
Describing itself as “the social network for your friends,” friend.tech was initially covered by Decrypt in May. Per the report, friend.tech originates from the minds behind Stealcam— two pseudonymous Web3 developers known as Shrimp and Racer.
Shrimp, also known as shrimppepe, surfaced in searches related to the Kosetto project.
Operating as a web3 social platform integrated within Coinbase’s incubated Layer-2 chain Base, friend.tech is a marketplace facilitating the trading of “shares” linked to Twitter accounts.
This intriguing feature facilitates shareholders access to private chat rooms, where they can directly engage with exclusive content and conversations. Within these chat rooms, shareholders are granted the privilege of interacting with the Twitter user whose shares they’ve acquired.
Following doxxing concerns on X (Twitter), Reddit and other social media platforms, the Github repository has now been taken down.
The database leak might have come as a shock to some, Crypto Twitter influencer spreekaway was not surprised.
“Yeah bro I thought no one would ever find my address on Base, the one that holds all the shares connected to my name and receives fees every time someone buys or sells my token,” he tweeted sarcastically.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.
About The Author
Cindy is a journalist at Metaverse Post, covering topics related to web3, NFT, metaverse and AI, with a focus on interviews with Web3 industry players. She has spoken to over 30 C-level execs and counting, bringing their valuable insights to readers. Originally from Singapore, Cindy is now based in Tbilisi, Georgia. She holds a Bachelor's degree in Communications & Media Studies from the University of South Australia and has a decade of experience in journalism and writing. Get in touch with her via cindy@mpost.io with press pitches, announcements and interview opportunities.
More articlesCindy is a journalist at Metaverse Post, covering topics related to web3, NFT, metaverse and AI, with a focus on interviews with Web3 industry players. She has spoken to over 30 C-level execs and counting, bringing their valuable insights to readers. Originally from Singapore, Cindy is now based in Tbilisi, Georgia. She holds a Bachelor's degree in Communications & Media Studies from the University of South Australia and has a decade of experience in journalism and writing. Get in touch with her via cindy@mpost.io with press pitches, announcements and interview opportunities.