or the past two weeks, unidentified cyber attackers have been airdropping nonfungible tokens (NFTs) to Solana cryptocurrency users under the guise of a new Phantom wallet security patch, but instead of an update, it's malware intended to steal their crypto.

According to BleepingComputer, the attackers are attempting to impersonate members of the Phantom team by using the NFTS "PHANTOMUPDATE.COM" or "UPDATEPHANTOM.COM."

After opening the NFT, users are informed that a new security update for the Phantom wallet has been issued and can be downloaded from the sealed link or the listed website.

To emphasize the importance of downloading the fake security update, the message claims that failing to do so may lead to a loss of funds due to hackers trying to exploit the Solana network.

The sense of urgency is most probably connected to the Solana-based wallet hack, which saw approximately $8 million stolen from 8,000 wallets, including those of Phantom wallet users, in August. The security flaw was later linked to deficiencies in the Solana-based Web3 wallet service Slope.

If a victim follows the bogus Phantom update instructions, malware from GitHub is downloaded, attempting to steal the user's browser data, history, cookies, passwords, SSH keys, and other information.

Users who may have fallen victim to this scam should take protective measures such as inspecting their computer with an antivirus program, securing crypto assets, and changing passwords on delicate platforms such as savings accounts and crypto platforms.

Previously, similar malware-spreading campaigns used malware known as "Mars Stealer" to steal cryptocurrency from unsuspecting users.

Mars Stealer, an updated version of the 2019 information-stealing Oski trojan, targets over 40 browser-based crypto wallets and popular two-factor authentication (2FA) extensions with a magnet feature that steals customers' private keys.

Do you think this signifies that the crypto industry is still in its infancy? Drop your comments by sharing this article on social media.

Oct 11, 2022
Crypto News

More from 

Crypto News


View All

Join Our Newsletter and Get the Latest
Posts to Your Inbox

No spam ever. Read our Privacy Policy
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.