• Tue. Apr 16th, 2024

MEV Bots Loot $2 Million from Friend.tech Accounts

Avatar photo

ByMarcel Bich

Sep 16, 2023
MEV Bots Loot $2 Million from Friend.tech Accounts
Marcel Bich
Latest posts by Marcel Bich (see all)

A massive cyber-attack hit Friend.tech, a burgeoning social application rooted in the Base blockchain. According to reports on Twitter, approximately 113 MEV bots managed to pilfer over 20,000 keys directly from Friend.tech accounts, accumulating an illicit profit close to $2 million. The bot tagged as 0xCC…Cc85 emerged as the most lucrative offender, netting about $580,000 from just 96 keys.

The scale of the bot assault peaked on August 21, registering a staggering 216,000 successful transactions juxtaposed against 308,000 unsuccessful ones. This tumultuous bot activity threw a spanner in the works for Base’s network, jamming several transactions in the process.

Inside Friend.tech

Operational on the Base blockchain, Friend.tech provides a platform for users to synergize their Twitter profiles with a tailor-made wallet address. These keys, at their core, are tantamount to a tokenized version of a Twitter persona.

The intrigue surrounding Friend.tech is palpable, as evidenced by its meteoric rise. In the first 24 hours since its debut, the platform accrued a whopping $1.12 million solely in commissions. As of the latest update, this figure has surged past $2.8 million, outstripping even Uniswap, a titan in the decentralized exchange realm. Further burnishing its credentials, a mere week post-launch, Friend.tech notched a total value of blockchain capital (TVL) at $5.98 million, with its transactional volume hovering around 13,150 ETH (an equivalent of $13 million).

Data Breach Fallout

To compound the challenges, Friend.tech finds itself grappling with a severe data breach. A database, replete with granular details of over 100,000 Friend.tech users, made an unsanctioned appearance on GitHub. This leaked dataset incorporates wallet addresses tethered to the Base blockchain, corresponding Twitter handles, and even sheds light on users’ funding avenues.

One GitHub user, delving into the data leak, points to the platform’s permissions as a plausible weak link. He conjectures that unwitting Friend.tech users might have inadvertently granted the app sweeping rights, including posting on Twitter on their behalf, possibly without a comprehensive understanding or unequivocal consent.

As the aftermath of these cyber onslaughts unfolds, it remains crucial for Friend.tech to bolster its security protocols and assuage its burgeoning user base.

 
Avatar photo

Marcel Bich

Marcel ‘s passion for the world of cryptocurrencies and his comprehensive knowledge of blockchain technology make him an invaluable asset to our team. He stays updated on the latest trends, regulations, and emerging technologies in the crypto space, ensuring that our audience receives accurate and up-to-date information.