Recent reports reveal that Friend.tech, a popular platform for tokenizing social networks, has experienced a significant privacy breach. Perturbingly, data relating to over 101,000 users was made publicly available on GitHub by Banteg, a key contributor to the recognized DeFi project Yearn Finance. The unapproved revelations included Twitter usernames linked to Base wallet addresses – a detail with immense privacy repercussions for the involved individuals.
However, the breach’s shadows augment beyond just this. Banteg’s representation of the operations suggests that Friend.tech users might have inadvertently permitted the platform to post on their behalf. Often, the granting of such permissions may occur without full comprehension by the user – an alarming scenario that puts consent, a cornerstone of ethical operation, under scrutiny.
A discovery by Spot On Chain analysts first unfurled the incident. The financial analysts revealed that through Friend.tech’s API, wallet data registered by users was discernible, along with affiliated Twitter usernames. Launched as a beta version last August, Friend.tech enables users to buy and sell “shares” in their connections, imposing a 5% transaction fee and carrying operations on Coinbase’s Base Layer-2 network.
When confronted about the data exposure, Friend.tech tried to mitigate the severity, arguing that the information was available via their API before the public scraping incident. They compare the situation to viewing a public Twitter feed, thus supposedly negating the nefarious implications of the breach.
This disconcerting episode unravels at the same time as the platform basks in its recent success. Friend.tech has seen a veritable deluge of high-profile sign-ups and incomes generated from protocol fees in the last 24 hours – a staggering sum exceeding $1.42 million. It’s now among the top three crypto projects when it comes to user-paid fees – a position at odds with such security concerns.
The innovator behind Friend.tech is suggested to be none other than Racer, a cryptonym for the developer notable for creating social media networks like TweetDAO and Stealcam. With this project, Racer is aiming to reel in significant crypto influencers, crafting a platform for these key players to earn trading royalties, and fostering durable relationships amidst the crypto industry’s crucial figures, venture capitalists, and Web3 projects. However, regardless of such promising objectives, the recent breach raises questions about data protection and privacy within the burgeoning world of blockchain technology.
Source: Cryptonews