Importing unknown mnemonic phrases into the Phantom wallet may lead to asset theft, users should be cautious

2025-02-12 10:28:07

Collection

ChainCatcher message, Slow Mist Technology's Chief Information Security Officer 23pds issued a warning that the latest version of the Phantom wallet may have security vulnerabilities. Victims have explained the risks of the Phantom Profile: when users import a mnemonic phrase from an unknown source, if that mnemonic phrase is associated with a Phantom Profile, the wallet will automatically log into that account system, putting the user's assets at risk of theft.

According to the victims, when users who have not enabled the Phantom Profile import such mnemonic phrases, the wallet will automatically log into a pre-set attacker account system, rather than just importing a single wallet address. Since the latest version of Phantom uses a Unified Profile System, this action allows the attacker to gain associated access to the user's device, enabling them to monitor the user's subsequent deposit activities and implement theft.

(Source Link)

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.