Phantom Wallet Security Update Hoax
In recent weeks, hackers have been targeting Solana cryptocurrency users by airdropping nonfungible tokens (NFTs) that falsely claim to be a new security update for the popular Phantom wallet. Instead of providing a legitimate update, these NFTs are a front for malware designed to steal users’ crypto assets.
How the Scam Works
The malicious NFTs are titled PHANTOMUPDATE.COM or UPDATEPHANTOM.COM and promote urgency by warning users that failing to download the fake security update could lead to a loss of funds due to hackers exploiting the Solana network. This tactic preys on users’ fears following an earlier hack that resulted in approximately $8 million stolen from around 8,000 wallets, including those belonging to Phantom wallet users.
Dangerous Consequences
Victims who follow the scam’s instructions may inadvertently download malware from GitHub that seeks to gather extensive personal data, including browser information, history, cookies, passwords, SSH keys, and other sensitive information.
Recommended Security Precautions
Experts recommend that users who may have fallen victim to this scam take immediate security measures such as:
- Scanning their computers with antivirus software.
- Securing their crypto assets.
- Changing passwords for sensitive accounts, including those related to banking and cryptocurrency trading.
Related Threats
This latest scam is part of a troubling trend where malware like Mars Stealer has been used in previous campaigns to steal crypto from unsuspecting users. Mars Stealer, an upgraded version of the Oski trojan from 2019, can target over 40 browser-based crypto wallets and even popular two-factor authentication (2FA) extensions, posing significant risks to digital asset holders.
