Hackers Use Fake Solana Phantom Updates to Steal Crypto (Report)
Scammers have reportedly sent consumers a new Solana Phantom security update assuring it will grant additional protection.
However, wrongdoers have installed password-stealing malware through airdropped NFTs and used them to drain cryptocurrency from the affected wallets.
Another Scam in the Space
A recent coverage revealed that the scheme started two weeks ago when NFTs called “PHANTOMUPDATE.COM” or “UPDATEPHANTOM.COM” reached some Phantom users. Upon opening, they were advised to click on the enclosed link or visit a website to download and install the latest security upgrade.
“Phantom requires all users to update their wallets. This must be done as soon as possible. Failing to do so may result in loss of funds due to hackers exploiting the Solana network. Visit www.updatePhantom.com to get the latest security update,” the message stated.
Once choosing one of the two options, victims automatically downloaded a batch file named “Phantom_Update_2022-10-08.bat.” Accepting the conditions guided users to another file called windll32.exe. According to the cybersecurity system VirusTotal, though, that feature is a password-stealing malware that attempts to drain browser information, including history, passwords, and cookies.
The main purpose of the hackers was to use passwords and steal digital assets from the victims’ cryptocurrency wallets.
Individuals who have installed that malicious file should scan their computer with an antivirus program and then move their holdings from their existing Phantom wallet to a new one. Changing their passwords on all sites related to cryptocurrency trading is also a must.
Having a unique password for each website could be the best idea as it prevents credential leaks between different databases.
Solana’s Phantom Wallet Turned Into Unicorn
Despite the aforementioned fraud, 2022 has been a rather successful year for the Solana-based cryptocurrency wallet Phantom.
Eight months ago, it secured a $109 million fundraiser led by the Canadian investment company – Paradigm – and the American venture capital firm – Andreessen Horowitz (a16z), after which its market valuation hit $1.2 billion.
“The team at Phantom is honored to work with these incredible partners and to have their trust in executing our vision to bring Web3 to the broader world. It is clear that the explosive adoption of NFTs and DeFi has underscored the tremendous role crypto wallets have in providing a user experience that is safe, fun, and easy-to-use,” the project outlined back then.
This spring, the Solana-based wallet released a mobile application on Android, meaning that users can deal with crypto and NFTs on any smartphone running on that operating system. Prior to that, Phantom introduced the service on iOS.
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.