Friend.tech Wallet Data Leak Exposes Linked Twitter Accounts
Yearn Finance core contributor, Banteg, published a repository containing the “leaked” wallet addresses and X (Twitter) handles of more than 100,000 users on the friend.tech platform.
The database has now been taken down following doxxing concerns.
Banteg, a pseudonymous core contributor to Yearn Finance, today published a “leaked” GitHub repository containing the wallet addresses and X (Twitter) handles of more than 100,000 users on the friend.tech platform.
He highlighted that the leaked database comprises users who linked their Twitter accounts to friend.tech, inadvertently allowing the platform to post content on their behalf.
The data leak vulnerability in friend.tech’s API was first discovered by Spot On Chain. This security flaw enabled individuals to view the wallets created by users via the API.
As a result, there has been a surge of advice urging users to revoke friend.tech’s access to their Twitter accounts.
Friend.tech’s Leak Sparks Unease On Twitter
While friend.tech made headlines today for generating over $1.4 million in fees over the past 24 hours, placing it just behind Ethereum and Lido, the limelight on friend.tech today was accompanied by its fair share of controversy.
Nix_eth, the VP of Innovation at Horizen Labs, revealed that the SocialFi platform has questionable founders who launched the KosettoIs Kawaii project. With its unique offering of “wearable” NFT stickers and widespread sharing of referral codes, the project rapidly gained popularity before its sudden disappearance.
Describing itself as “the social network for your friends,” friend.tech was initially covered by Decrypt in May. Per the report, friend.tech originates from the minds behind Stealcam— two pseudonymous Web3 developers known as Shrimp and Racer.
Shrimp, also known as shrimppepe, surfaced in searches related to the Kosetto project.
Operating as a web3 social platform integrated within Coinbase’s incubated Layer-2 chain Base, friend.tech is a marketplace facilitating the trading of “shares” linked to Twitter accounts.
This intriguing feature facilitates shareholders access to private chat rooms, where they can directly engage with exclusive content and conversations. Within these chat rooms, shareholders are granted the privilege of interacting with the Twitter user whose shares they’ve acquired.
Following doxxing concerns on X (Twitter), Reddit and other social media platforms, the Github repository has now been taken down.
The database leak might have come as a shock to some, Crypto Twitter influencer spreekaway was not surprised.
“Yeah bro I thought no one would ever find my address on Base, the one that holds all the shares connected to my name and receives fees every time someone buys or sells my token,” he tweeted sarcastically.
Any data, text, or other content on this page is provided as general market information and not as investment advice. Past performance is not necessarily an indicator of future results.
The Trust Project is a worldwide group of news organizations working to establish transparency standards.