The crypto world attracts many criminals because of the easy access to money. An interesting story in this regard is that of Phantom Wallet.
In a long post published last week on the official blog, Phantom explains what the key points are regarding wallet security.
Phantom is a non-custodial crypto wallet designed to be secure, yet easy to use, and is used by the Solana community given that it specifically supports that blockchain.
Phantom wallet: crypto attacks averted
In the post, the authors highlight the Transaction Previews feature, which allows users to view a kind of transaction preview, in some ways similar to a firewall that identifies malicious transactions and alerts the user before they approve them.
This protects users from phishing attacks, pharming, and more by providing real-time alerts to users. The alerts are provided by the specialized company Blowfish.
Blowfish analyzes transactions before they are finally approved by users, looking for anything that looks suspicious.
The authors of the post claim that, so far, Phantom’s transaction preview has scanned more than 85 million transactions thereby preventing more than 18,000 fraudulent transactions aimed at stealing funds from users. In the last month alone over 3,000 users would have been protected in this way.
These are therefore not direct attacks on the wallet, which being non-custodial is very difficult to attack, but aimed directly at users.
In particular, Blowfish uncovered many transactions directed to addresses included in their blacklist, or that were calling the setAuthority function incorrectly, or trying to evade controls. In some cases, actual attempts to drain the unsuspecting user’s wallet were uncovered.
Blowfish checks suspicious domains or website, but also suspicious tokens or attempts to obfuscate the code in smart contracts.
So although these are not attacks directed toward Phantom Wallet, they are still detected by Blowfish through external analysis regarding various tools and actors within the crypto industry.
Successful attacks
On the other hand, it is well known that there have been, and continue to be, many successful attacks aimed at deceptively seizing the tokens of users of this and other wallets.
Indeed, it is impossible to verify all smart contracts and all recipient addresses, and often times, even when verifying, it is difficult to find out whether it is really a scam attempt or not.
In theory, it should be the users themselves who should try to defend themselves, because it is impossible to completely prevent them from sending funds to scammers. However, certainly some help can come from services that know the industry very well and thus are able to warn users of possible problems.
The percentage is low
It is worth noting that out of the 85 million transactions examined on Phantom, only 18,000 were found to be suspicious. Although it is by no means certain that there were not also others that escaped Blowfish’s scrutiny, 18,000 out of 85 million is about 0.02%, which is a negligible percentage. It means that 99.98% of the transactions were found to be non-suspicious.
To be fair, however, the big attacks that make a lot of money for token thieves are not those aimed at small investors. They are mainly those aimed at smart contracts or exchanges, where huge amounts of funds are deposited.
In these cases it is rarely phishing or social engineering, but often actual hacks that exploit technical vulnerabilities.
Non-custodial wallets, such as Phantom, generally do not have these vulnerabilities, especially when their code is open-source, that is, public and verifiable by anyone.
Hence, hackers rarely turn their attention to non-custodial wallets, but prefer tools or platforms that might suffer from some technical vulnerability, and that can yield them huge profits if they are hacked.
Instead, fraudsters prefer to target ordinary users, exploiting not the vulnerabilities of their wallets but those of their behavior, particularly ignorance, carelessness, and superficiality.
Despite this, the overall percentage of suspicious or fraudulent transactions within the crypto sector is not particularly high, as the vast majority of transactions are correct and legitimate.
The problem is that, in some cases, huge amounts of tokens are stolen with a few scam transactions, to the extent that multimillion or even billion-dollar thefts in this sector are not as rare as one would like.
Source: https://en.cryptonomist.ch/2023/01/30/crypto-18000-attacks-phantom/