Phantom users receive malware disguised as NFTs
Users risk losing passwords and funds on cryptocurrency wallets when they click on links from non-fungible tokens
11.10.2022 - 08:15
447
2 min
0
What’s new? Cybersecurity experts at BleepingComputer have warned users about a fake security update for Phantom cryptocurrency wallets on the Solana blockchain. Hackers, under the guise of a wallet update, send out non-fungible tokens (NFTs) that contain malware.
News on the BleepingComputer website
How does the hack happen? The attackers pose as members of the Phantom team and send NFTs with malware to wallet owners to steal passwords. The tokens usually have names like PHANTOMUPDATE.COM and UPDATEPHANTOM.COM.
After opening the NFT, users are notified that a new security update has been released for the Phantom wallet, which can be downloaded from the attached link. When the website is accessed, malware from GitHub is downloaded to victims’ devices which steals browser information, cookies, history, passwords, SSH keys, and other information. Solana users are advised to scan their devices with antivirus software and change their passwords.
In August, the Solana network was subjected to a hacker attack that resulted in attackers managing to withdraw millions of dollars from users’ wallets. Analysts at Watcher Guru reported the theft of more than $7 million in SOL tokens and USDC stablecoins. Solana developers later revealed that the affected addresses were created, imported, or used in Slope mobile wallet apps.
In September, the 1inch team warned about a vulnerability in the Ethereum vanity address generating tool Profanity. Thus, keys to wallets created with the service could be calculated by brute force. An anonymous developer of Profanity added that the project was “abandoned” several years ago after “fundamental security issues in the generation of private keys” were found.
Useful material?
Market
To advance crypto-friendly regulation, Trump’s party needs to win a majority in the Senate
Oct 18, 2024
Incidents
The regulator believes that the court erred in not recognizing retail sales of XRP as securities transactions
Oct 18, 2024
Market
The leader was the Solana network, with 100 million active addresses per month
Oct 17, 2024
Crypto regulations
Amendments to the regulation of financial institutions have been published for public discussion until October 30
Oct 16, 2024
Market
Over the past four years, the company’s shares have grown by 1540%, while the index has gained only 111%
Oct 16, 2024
Incidents
Over the last 24 hours, the asset has updated its all-time high at $2,34
Oct 15, 2024