A recent phishing attack targeting a Solana user has resulted in significant losses. As per Scam Sniffer, a Web3 anti-scam platform, the Soalna user reportedly lost nearly $40,000 in $BONK and $SOL tokens with the incident taking place on the 24th of October. The anti-scam platform took to social media to discuss the impact of the phishing attack.
⚠️ 4 days ago, a victim lost around $40,000 in $SOL and $Bonk after signing a phishing signature.💸 https://t.co/zfEXvOKQoB pic.twitter.com/AvDAW8O7o2
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 26, 2024
Recent Phishing Attack on Solana User Lets the Attacker Drain the Wallet
In its latest X post, Scam Sniffer pointed out that the Solana phishing attack denotes vulnerabilities in signing blockchain transfers. The victim experienced the phishing attack while endeavoring to sign a seemingly standard request for signature. Nonetheless, this innocuous interaction maliciously gave control to the attacker who drained the wallet. Hence, this attempt resulted in a compromise on the $SOL holdings and token accounts of the victim.
In Solana, someone can get unapproved control over a victim’s assets if the victim signs the transaction or grants access. This makes it critical for consumers to comprehend the risks that the signature requests pose. Solana’s exclusive characteristics include a swift block speed, contributing to the network efficiency, nevertheless, it can pose some risks. Scam Sniffer asserted that the respective speed difference develops a break between the on-chain state and the wallet simulation state.
Scam Sniffer Encourages Solana Users to Scrutinize Access Requests and Double-Check Transactions
The respective attack vector does not appear new. Formerly, some other such cases have also been reported. These scams exploited the simulation and on-chain differences. According to Scam Sniffer, Solana users need to stay away from signing requests coming from suspicious or unfamiliar sources. Additionally, they need to double-check transactions before authorizing a strange access request. Moreover, Solana encourages users to scrutinize applications and sites that request access, because phishing scams mostly originate from compromised or fake websites.