news Adds 2FA Password for Users Amidst Ongoing SIM-Swap Attacks Adds 2FA Password for Users Amidst Ongoing SIM-Swap Attacks

The team behind the decentralized social media platform has responded to a series of SIM-swap attacks targeting its users by implementing a crucial security enhancement. 

In a recent announcement on X (formerly Twitter), unveiled the introduction of a Two-Factor Authentication (2FA) password feature. 

This move aims to provide additional protection for users whose cell carriers or email services have been compromised. Users Will Have an Option to Setup Additional Password

With the new 2FA feature, users will now be prompted to set up an additional password when signing in on new devices. 

Importantly, neither the team nor the Privy teams will have the capability to reset these passwords, underlining the need for users to exercise caution when using this feature.

The decision to bolster security comes in the wake of a string of SIM-swap attacks that have plagued users since September. 

The attacks have raised concerns and drawn criticism from some quarters regarding the platform's initial response.

Slow Mist founder Yu Xian tested the 2FA mechanism and shared his experience on Twitter. Users Face SIM Swap Attacks

The SIM-swap attacks have culminated in the theft of an estimated 109 Ether (ETH), valued at nearly $500,000 in just few days, with one hacker stealing nearly $400k from different users. 

To mitigate the risk of SIM-swap exploits, had already introduced security updates on October 4, allowing users to add or remove various login methods.

Despite some criticism over the timing of the 2FA implementation, many users welcomed the added layer of security. 

Blockworks founder Jason Yanowitz shed light on the modus operandi of the SIM-swap attacks. Attackers send text messages requesting a number change, with users required to respond with either “YES” or “NO.” 

If the response is “NO,” the user is sent a legitimate verification code from and is prompted to send the code to the scammer's number. 

Failure to respond within two hours results in the requested change proceeding, potentially leading to account compromise.

Earlier today, head of Defiant News revealed that he saw his wallet drained in an elaborate phishing scam.

Leave a Reply