Get the scoop on finance - sign up for mobile alerts
Scams, Schemes and Hacks
| On
October 12, 2022

Fake NFT Airdrops Attempting To Compromise Solana (SOL) Wallets and Siphon Crypto Assets: Report

By Daily Hodl Staff

Phony non-fungible token (NFT) airdrops are reportedly targeting Solana (SOL) wallets with malware to steal passwords and digital assets.

According to a new report by BleepingComputer, attacks began two weeks ago and pose as needed Phantom security upgrades titled “PHANTOMUPDATE.COM” or “UPDATEPHANTOM.COM.”

ADVERTISEMENT

“When opening the NFTs, wallet owners are told that a new security update has been released and that they should click the enclosed link or visit the site to download and install it. ‘Phantom requires all users to update their wallets. This must be done as soon as possible,’ reads the warning in the fake Phantom update NFT. ‘Failing to do so, may result in loss of funds due to hackers exploiting the Solana network.”

The source of the malware is unclear, but it is designed “to steal browser information, such as history, cookies, and passwords, as well as SSH keys and other information,” per the report.

The report suggests it may be MarsStealer, a previous malware effort using a similar file name.

“The goal of this campaign is likely to steal cryptocurrency wallets and passwords that would allow the threat actors to steal all crypto funds and compromise other accounts belonging to the victim.”

ADVERTISEMENT

Those who fall victim to the scam should take several steps, according to BleepingComputer.

“Victims who installed the fake Phantom security update should immediately scan their computer with an antivirus program and then transfer crypto funds and assets from their existing Phantom wallet to a new one.

Next, victims should change their passwords on all sites they use, focusing on cryptocurrency trading platforms, online wallets, bank accounts, email, or other sensitive platforms.

Ultimately, victims should change their password to a unique one for every site they visit to prevent credential leaks at one site from affecting other sites.”

Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Follow us on X, Facebook and Telegram
Surf The Daily Hodl Mix

ADVERTISEMENT

&nbsp
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Featured Image: Shutterstock/Pom669PIXs/WhiteBarbie