Unknown hackers have been airdropping nonfungible tokens (NFTs) to Solana cryptocurrency users over the past two weeks while disguising them as a new Phantom wallet security update, as reported by Cointelegraph.
However, the NFTs are actually malware that is intended to steal the users’ money.
According to BleepingComputer, the hackers are utilising NFTS called “PHANTOMUPDATE.COM” or “UPDATEPHANTOM.COM” and are posing as members of the Phantom team. Users are informed when they open the NFT that a new security update for the Phantom wallet has been released and can be downloaded using the included link or the listed website.
According to Cointelegraph, the mail emphasises urgency by warning that skipping the phoney security update “may result in a loss of cash owing to hackers abusing the Solana network.”
The Solana-based wallet heist, which resulted in the theft of about $8 million from 8,000 wallets in August, including those belonging to Phantom wallet users, is probably what prompted the urgency element. Later, it was discovered that Slope, a Web3 wallet service built in Solana, had security flaws.
If a victim follows the bogus Phantom update instructions, malware that attempts to steal the user’s browser data, history, cookies, passwords, SSH keys, and other information is downloaded from GitHub, Cointelegraph noted.
(With insights from Cointelegraph)
