According to reports, unknown hackers have been airdropping non fungible tokens (NFTs) to Solana cryptocurrency users over the past two weeks while disguising them as a new Phantom wallet security update. However, the NFTs are actually malware that is intended to steal the users’ money.
According to Bleeping Computer, the hackers are utilising NFTS called “PHANTOMUPDATE.COM” or “UPDATEPHANTOM.COM” and are posing as members of the Phantom team.
Users are informed when they open the NFT that a new security update for the Phantom wallet has been released and can be downloaded using the included link or the listed website.
The email emphasises the need for the fake security update, warning that failing to install it “may result in a loss of revenue due to hackers misusing the Solana network.”
The Solana-based wallet robbery in August, which resulted in the theft of approximately $8 million from 8,000 wallets, including those belonging to Phantom wallet users, is likely what triggered the urgency factor. Slope, a Web3 wallet service written in Solana, was later determined to have security issues.
If a victim follows the false Phantom update instructions, malware from GitHub is downloaded, attempting to steal the user’s browser data, history, cookies, passwords, SSH keys, and other information.
It is advised that users who may have unintentionally fallen victim to this fraud take security steps such running an antivirus scan on their computer, protecting their cryptocurrency holdings, and changing the passwords on sensitive websites like bank accounts and cryptocurrency trading platforms.
Similar malware-spreading schemes have in the past used “Mars Stealer” software to steal cryptocurrency from unwary users.
An updated version of the 2019 information-stealing Oski trojan, Mars Stealer uses a grabber feature to steal users’ private keys and targets more than 40 browser-based crypto wallets and well-known two-factor authentication (2FA) extensions.
Read more at Cryptoshrypto:
To get daily updates & trending news on crypto follow us on: