Fake Solana wallet update steals users’ digital holdings via NFT airdrops

Bad actors are targeting Solana’s community with malware designed to steal users’ virtual currency holdings. Bleeping Computer reported that, in the latest stage of the heist, the attackers hide behind a fake security patch to install malware on victims’ devices.

According to the report, the fraudsters operate by airdropping non-fungible tokens (NFTs) to users of the Phantom wallet. After opening the NFTs, users are greeted with a message prompting them to install a new security update by clicking on a link in the attachment.

“Phantom requires all users to update their wallet. This must be done as soon as possible,” the false warning read. “Failure to do so could result in the loss of funds due to hackers exploiting the Solana network.”

Users who fall for the scam and click on the link are taken to a website that automatically downloads a file which, once installed, acts as password-stealing malware. An analysis shows that the malware can steal browsing history, passwords, cookies and even SSH keys. It has been compared to Mars Stealer, malware that collects a range of sensitive data tied to digital assets.

The scam aims to obtain passwords from victims’ devices and ultimately steal their digital currencies. Bleeping Computer warns that the threat goes beyond virtual currency wallets and may extend to other accounts belonging to the affected individuals.

Users who believe they have fallen victim to the malware have been asked to scan their devices with an antivirus program and immediately transfer their holdings from the Phantom wallet to another wallet. As an added layer of security, users are advised to change their passwords on virtual asset platforms and banking applications, and to use a different password for each application.

Solana’s bad turn rolls into Q4

The activities of the Phantom hackers have been linked to the Slope hack that affected Solana’s community in August, which led to the loss of nearly $8 million from 8,000 wallets. The incident left a dark spot on Solana’s already turbulent year, which has been inundated with reports of network outages.

Since the start of the year, Solana has suffered nearly a dozen network outages that have dampened developers’ enthusiasm for building projects on the network. One network outage lasted 17 hours, and the most recent, on September 30, was caused by a misconfigured node.

However, Anatoly Yakovenko, the network’s co-founder, says he is considering a “long-term solution” to the history of outages by using Firedancer, a Solana client with its own software development team.

“Because it’s a separate team, the probability of them having the same bugs in the code as ours becomes practically zero,” Yakovenko said.
