Hi guys, in today's post, we'll discuss the alarming Friend.Tech leak that exposed 101k public accounts linked to both wallets and Twitter profiles. We will cover how this public data became a treasure trove for malicious actors, the inherent risks, the changing landscape of crypto, and the economic factors contributing to this vulnerability.
We haven’t even sneezed and their favorite Friend.Tech is already leaking,
What Makes "Public" Data Dangerous?
Now someone will say how were they leaked if they were already public?
Just because something is "public" doesn't mean that it should be easily accessible in a compiled, organized, or structured manner, especially when linked with other personal information.
I don’t get how everyone is missing the point, there are risks associated with having Twitter user accounts linked to their public wallet addresses and being public, especially when granting an app control over Twitter actions.
The risks
One of the most disturbing risks is loss of privacy. Even if wallet addresses are public, linking them directly to identifiable Twitter accounts reduces the pseudonymity of blockchain transactions. It becomes easier to associate transactions with individual identities which is not exactly cool.
Scammers and fraudsters could use this information to target individuals. They could pose as legitimate entities or friends to trick users into sending money or revealing more personal information.
This is even the easiest, scammers clone accounts, act like they lost access to their original accounts and message other people who have back to back communication with the original account and yes many fall for it. I can’t explain how everyone throws out caution when it comes to money.
Granting an app access to tweet on behalf of a user means that malicious actors could misuse this access to spread misinformation, scams, or even malware links. But yes everyone suddenly trusts Friend.Tech devs to act right, we’ve seen this play out before, how well does it end?
Malicious actors could gain control over linked wallets, they could send dust transactions to wallets through which they could potentially execute unauthorized transactions leading to financial losses for the user, but it’s just already made public accounts and all is fine and well. Right.
The Role of Economic Desperation
When I first entered the crypto space six years ago, scams were less sophisticated. But as the technology has evolved, so have the tactics employed by scammers. What used to be a space driven by innovation and problem-solving has, in many ways, become a minefield of get-rich-quick schemes, fueled in part by economic uncertainty.
Sadly this is becoming a norm and I think the declining state of the economy all over the world has a huge role to play in it. Things are a lot messier than they used to be 6 years ago, people just want money anyhow, but regardless, it doesn’t justify willingly throwing your money at anything and hoping it sticks or am I the one with the problem?
The Evolution from Innovation to Exploitation
Five years ago, there was a certain hunger for innovations, solutions, people were weary of ICO scams that offered nothing and took everything, there was the hunger to build sustainable solutions, then came the idea to bridge cryptos together, it made sense that if different blockchains could communicate,
then they can share resources, but this seemingly good idea was shortly over taken by the need to make tokens from different blockchains tradeable with each other in one place, then came AMM protocols to bridge blockchain tokens, which led to another era of scams and rug pulls as developers spun up unaudited bug laden smart contracts.
DeFi was a good idea, still is, but only a few projects offer sustainable reasonable solutions, even till date many still don’t get the idea behind what an AMM protocol should entail. You call something decentralized but one person owns the keys that can clear out everyone’s funds and people willingly put their money in it because it promised high returns.
Up until date many are struggling with understanding what Web3.0 truly entails but are being fed with information from whatever their fav influencers tell them it is which is always web2 where they spend 3 months and later find out that they were demonetized or censored or their data was leaked after they totally ignored the ethos of decentralization, then say go yelling at the rooftops that “we need decentralized social
On a personal level, individuals should think twice before linking accounts and should be vigilant about the permissions they grant to third-party apps. The Friend.Tech leak serves as a wake-up call for everyone in the crypto community. We need to exercise caution, understand the risks and be proactive in safeguarding our digital lives.