Slowmist, a blockchain security firm, has issued a user caution over recent Solana network phishing incidents. According to the company, this type of theft is fairly common. Solana recently lost $320 million in Ethereum (ETH) through its DeFi token bridge Wormhole.
Slowmist is raising red flags.
The cryptocurrency and NFT ecosystems are rife with opportunities and threats. The Slowmist has recorded over 650 hack occurrences worldwide in which users have lost over $25 billion.
In a new reminder, the blockchain security firm has voiced concern about the next possible NFT theft. The Slowmist demonstrated how it is done.
- The attacker airdrops NFTs to users in batches.
- The user then enters the target website through the link received in the airdrop description (www_officialsolanarares_net).
- Connects to the wallet, and clicks “Mint” on the page.
- After approval, all SOL in the wallet will be transferred.
The user will interact with the threat posed by the attacker simply by clicking Approve. The threat in this case is a malicious contract that triggers Solana Transfer. According to Slowmist, phishing attacks are on the rise.
The firm has expressed worry over the security mechanism of the Solara Wallet Phantom. There is no comprehensive ‘risk warning’ for users, making it easy for them to be hurt.
Phishing attacks on the rise?
The phishing attempts highlighted above are creating a security blind spot, causing users to lose their investment. The recent $320 million Wormhole hack is a strong signal to strengthen blockchain security. However, Phantom, a Solana-based digital wallet, upgraded its security defenses in 2021.
Phantom’s Chris Kalani stressed that ‘We need to protect users from losing their funds from the phishing scams.’
Meanwhile, the theft of $600 million from the Poly Network has been dubbed the largest breach in the history of decentralized finance. The hacker, however, returned the stolen assets once the network displayed a warning that legal action could be taken against them.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.