Phantom, a Solana-based wallet provider, has introduced a new burn functionality that enables users to delete spam nonfungible tokens (NFTs) supplied by con artists. This development comes only weeks after the Solana blockchain was the target of the most recent cryptocurrency theft, in which thousands of users reported having their cash secretly taken from them. After breaking into over 8,000 Solana-based cryptocurrency wallets, predominantly Phantom wallets, thieves took about US$5.2 million worth of cryptocurrency.
The new feature, which allows users to get a little ‘rent’ deposit of Solana (SOL) each time they use it, is available via the Burn Token button in the Phantom wallet app, according to a blog post from the Phantom team. The blog mentions, “We’re still in the Wild West days of Web3. As the crypto ecosystem grows, so have the number of bad actors looking for ways to steal users’ funds. The rapid growth in popularity of NFTs has led to an increasingly prevalent method of attack for scammers – Spam NFTs.” Phantom pointed out that the problem has been particularly prominent on Solana because of its low transaction fees and that unscrupulous parties frequently airdrop allegedly free NFTs that include malicious links in large quantities.
For the cyber-theft attack to work, cybercriminals exploit the NFT airdrop feature, which allows users to get free NFT. When users click on the URL provided by the scammers in the description, they are usually sent to a fraudulent website instead of receiving the free NFTs they were promised.
Criminals employ one of two methods to steal money. Either they ask the user to accept a transaction in order to “mint” or “claim” free NFT. But, after the operation is completed, the user’s wallet is depleted of all cash. Alternatively, the link directs the user to enter their seed phase, resulting in a similar consequence.
Phantom reveals that such scams are growing more advanced. For instance, fraudsters might modify an NFT’s metadata once a contract address and domain are discovered to be bad to avoid being blacklisted.
The new feature will boost the Phantom Wallet’s security. It offers users the authority to report NFT spam, which enables Phantom’s staff to block the domains and addresses when a specific scam NFT is detected. This process will assist in removing the spam or fraudulent NFTs from the wallet. By compiling and disseminating a list of spam and phishing NFTs, Phantom intends to reduce the number of hacking attempts. It is also working with NFT API provider SimpleHash to establish an internal reporting system for detecting spam NFTs.