THE DAILY ENCRYPT

[date-today format='F j, Y']

Warning: Hackers use Fake Solana Security Update to Access Crypto Wallets

Password-stealing malware is being spread through NFT airdrops claiming to be Solana Phantom security upgrades, when in fact it is password-stealing malware....
computer screen
Photo by Arget

Password-stealing malware is being spread through NFT airdrops claiming to be Solana Phantom security upgrades, when in fact it is password-stealing malware.

Unknown hackers have been airdropping tokens (NFTs), to Solana crypto users, in the guise of a upcoming Phantom wallet security upgrade. It’s actually malware that aims to steal their crypto.

According to BleepingComputer, hackers claim to be part of the Phantom team. They are using NFTS titled UPDATEPHANTOM.COM and PHANTOMUPDATE.COM.

After opening the NFT users are informed that a new security update for the Phantom wallet has been issued. You can download it by clicking the attached link or visiting the listed website.

The message adds urgency by warning that failure to download the security update may result in funds being lost due to hackers exploiting the Solana network.

The urgency is likely to be related to the Solana wallet hack that saw $8 million stolen from roughly 8,000 wallets, including Phantom wallet users. Later, the security exploit was linked to vulnerabilities in Solana’s Web3 wallet service Slope.

If a victim follows the Phantom update instructions, malware is downloaded from GitHub. This malware attempts to steal the user’s browser history, cookies, passwords and SSH keys.

It is recommended that users who have fallen for this scam inadvertently take security precautions, such as scanning their computers with antivirus software, protecting crypto assets, and changing passwords on highly sensitive platforms like bank accounts or crypto trading platforms.

Similar malware-spreading campaigns used malware, dubbed Mars Stealer, to steal crypto from unsuspecting victims.

Mars Stealer is an upgrade to the Oski trojan, which steals information from browser-based crypto wallets. It also targets popular two-factor authentication (2FA), extensions and a graber function that steals private keys.

Elena Argyros

Elena Argyros

Elena is cryptocurrency writer / journalist based in Europe. She has extensive knowledge in the crypto space and is a solidity programmer by trade. Elena has built an extensive resume working with some of the most ground breaking blockchain firms. Being in Europe, Elena has amassed a large network of professionals in the space and states "The technology behind blockchain is going to impact everyone on earth in a good way, once you get to understand it".
Elena Argyros

Elena Argyros

Elena is cryptocurrency writer / journalist based in Europe. She has extensive knowledge in the crypto space and is a solidity programmer by trade. Elena has built an extensive resume working with some of the most ground breaking blockchain firms. Being in Europe, Elena has amassed a large network of professionals in the space and states "The technology behind blockchain is going to impact everyone on earth in a good way, once you get to understand it".

© 2022 The Daily Encrypt. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Latest News
PRESS RELEASES