Fake Solana wallet security update is trying to steal your crypto

Join Camnang24h to see why “Fake Solana wallet security update is trying to steal your crypto” through the article below. Password-stealing malware is being spread by hackers through NFT airdrops purporting to be Solana Phantom security updates.

Related: NFTs transform how fans bet on upcoming sports stars

Fake Solana wallet security update is trying to steal your crypto

For the last two weeks, unknown hackers have been airdropping nonfungible tokens (NFTs) to Solana cryptocurrency users masquerading as a new Phantom wallet security update. However, instead of an update, it’s malware designed to steal their crypto.

According to BleepingComputer, the hackers are claiming to be from the Phantom team and using NFTS titled PHANTOMUPDATE.COM or UPDATEPHANTOM.COM.

After opening the NFT, users are told a new security update has been issued for the Phantom wallet and can be downloaded by using the enclosed link or the listed website.

To add urgency, the message claims that failing to download the fake security update, “may result in a loss of funds due to hackers exploiting the Solana network.”

The fake NFTs being used to spread malware. Source: BleepingComputer
The fake NFTs being used to spread malware. Source: BleepingComputer

The urgency piece is likely related to the Solana-based wallet hack, which saw roughly $8 million stolen from 8,000 wallets in August, including those of Phantom wallet users. The security exploit was later linked to vulnerabilities within the Solana-based Web3 wallet service Slope.

Should a victim follow the fake Phantom update instructions, the process ends with malware being downloaded from GitHub which attempts to steal browser information, history, cookies, passwords, SSH keys and other information from the user.

Users who may have inadvertently fallen prey to this scam are recommended to take security precautions such as scanning their computer with antivirus software, securing crypto assets and changing passwords on sensitive platforms such as bank accounts and crypto trading platforms.

In the past, similar malware-spreading campaigns have employed malware dubbed Mars Stealer to steal crypto from unsuspecting users.

An upgrade of the information-stealing Oski trojan of 2019, Mars Stealer targets more than 40 browser-based crypto wallets, along with popular two-factor authentication (2FA) extensions, with a grabber function that steals users’ private keys.

Source: Cointelegraph.com

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

Chúng tôi đã phát hiện ra rằng bạn đang sử dụng tiện ích mở rộng để chặn quảng cáo. Hãy hỗ trợ chúng tôi bằng cách tắt các trình chặn quảng cáo này.