A recent phishing attack targeting a Solana user has resulted in significant losses. As per Scam Sniffer, a
Web3
anti-scam platform, the Soalna user reportedly lost nearly $40,000 in $BONK and
$SOL
tokens with the incident taking place on the 24
th
of October. The anti-scam platform took to social media to discuss the impact of the phishing attack.
⚠️ 4 days ago, a victim lost around $40,000 in
$SOL
and
$Bonk
after signing a phishing signature.?
https://t.co/zfEXvOKQoB
pic.twitter.com/AvDAW8O7o2
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer)
October 26, 2024
Recent Phishing Attack on Solana User Lets the Attacker Drain the Wallet
In its latest X post, Scam Sniffer pointed out that the Solana phishing attack denotes vulnerabilities in signing blockchain transfers. The victim experienced the phishing attack while endeavoring to sign a seemingly standard request for signature. Nonetheless, this innocuous interaction maliciously gave control to the attacker who drained the wallet. Hence, this attempt resulted in a compromise on the $SOL holdings and token accounts of the victim.
In Solana, someone can get unapproved control over a victim’s assets if the victim signs the transaction or grants access. This makes it critical for consumers to comprehend the risks that the signature requests pose. Solana’s exclusive characteristics include a swift block speed, contributing to the network efficiency, nevertheless, it can pose some risks. Scam Sniffer asserted that the respective speed difference develops a break between the on-chain state and the wallet simulation state.
Scam Sniffer Encourages Solana Users to Scrutinize Access Requests and Double-Check Transactions
The respective attack vector does not appear new. Formerly, some other such cases have also been reported. These scams exploited the simulation and on-chain differences. According to Scam Sniffer, Solana users need to stay away from signing requests coming from suspicious or unfamiliar sources. Additionally, they need to double-check transactions before authorizing a strange access request. Moreover,
Solana
encourages users to scrutinize applications and sites that request access, because phishing scams mostly originate from compromised or fake websites.