Phony non-fungible token (NFT) airdrops are reportedly targeting Solana (SOL) wallets with malware to steal passwords and digital assets.
According to a new report by BleepingComputer, attacks began two weeks ago and pose as needed Phantom security upgrades titled “PHANTOMUPDATE.COM” or “UPDATEPHANTOM.COM.”
“When opening the NFTs, wallet owners are told that a new security update has been released and that they should click the enclosed link or visit the site to download and install it. ‘Phantom requires all users to update their wallets. This must be done as soon as possible,’ reads the warning in the fake Phantom update NFT. ‘Failing to do so, may result in loss of funds due to hackers exploiting the Solana network.”
The source of the malware is unclear, but it is designed “to steal browser information, such as history, cookies, and passwords, as well as SSH keys and other information,” per the report.
The report suggests it may be MarsStealer, a previous malware effort using a similar file name.
“The goal of this campaign is likely to steal cryptocurrency wallets and passwords that would allow the threat actors to steal all crypto funds and compromise other accounts belonging to the victim.”
Those who fall victim to the scam should take several steps, according to BleepingComputer.
“Victims who installed the fake Phantom security update should immediately scan their computer with an antivirus program and then transfer crypto funds and assets from their existing Phantom wallet to a new one.
Next, victims should change their passwords on all sites they use, focusing on cryptocurrency trading platforms, online wallets, bank accounts, email, or other sensitive platforms.
Ultimately, victims should change their password to a unique one for every site they visit to prevent credential leaks at one site from affecting other sites.”
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Follow us on X, Facebook and Telegram
Surf The Daily Hodl Mix
Featured Image: Shutterstock/Pom669PIXs/WhiteBarbie