New Phishing Scheme Targets Phantom Wallet Users Through Deceptive Updates

A sophisticated phishing campaign is currently targeting users of Phantom, the popular Solana-based cryptocurrency wallet, by exploiting fake update notifications.

Web3 security platform Scam Sniffer revealed that attackers are connecting to legitimate Phantom wallets and presenting users with fraudulent “update extension” signature requests designed to steal private keys.

Contents show

Understanding the Attack Vector

The scammers’ methodology involves creating convincing pop-ups that closely mimic Phantom’s authentic interface. When users encounter these deceptive prompts, they’re asked to enter their seed phrase under the guise of a system update or connection request. Scam Sniffer,on January 31 announced that “Scammers are creating FAKE Phantom popups on malicious websites to steal seed phrases.” He further explained how users can identify fake pop ups as he warned users never to enter their recovery phrase on any website as Phantom never asks for it during connections.

1/3 🚨 PHISHING ALERT ON SOLANA!

Scammers are creating FAKE Phantom popups on malicious websites to steal seed phrases.

⚠️ NEVER enter your recovery phrase on ANY website. Phantom never asks for it during connections. pic.twitter.com/ft6YQAsTQZ
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) January 31, 2025

Furthermore, Scam Sniffer has identified key differences between legitimate and fraudulent pop-ups: genuine Phantom windows display “chrome-extension” in their URLs and allow right-click functionality, while phishing attempts typically block right-clicking and lack proper window controls like minimize and maximize options.

“Phantom’s popups act like system windows: you can minimize, maximize, and resize them,” Scam Sniffer noted.

Read more – find out the best crypto casino online platforms

Phantom’s Growth Amid Security Challenges

The timing of these attacks coincides with Phantom’s significant expansion in the cryptocurrency space. The platform recently announced reaching 10 million monthly active users and processing over 850 million transactions in 2024. With daily revenue reaching approximately $470,000, surpassing Coinbase Wallet, Phantom has become an attractive target for cybercriminals.

The platform’s recent $150 million Series C funding round, led by Sequoia Capital and Paradigm, values the company at $3 billion and underscores its growing importance in the crypto ecosystem. As Phantom continues to expand its features, including the recent launch of multicurrency support across 16 currencies, the need for user vigilance against sophisticated phishing attempts becomes increasingly critical.

Victor Ebo

Victor is a crypto and blockchain enthusiast with over 5 years of experience. I have written for crypto sites like Cryptomode, Bitcoinsensus, Bitcoinist, NEWSBTC, The Voice of Crypto and more.

Disclaimer

The information provided in this article is for informational purposes only and reflects the author’s opinion. It should not be construed as financial, legal, or investment advice. The cryptocurrency market is volatile and carries risks. Please conduct your own research before making any decisions.

Share this post