Security researchers are investigating the Phantom wallet after an address poisoning attack resulted in the loss of $264,000 in Wrapped Bitcoin. According to investigator ZachXBT this Wednesday, the incident was enabled by the new messaging feature, which facilitated a phishing scheme that successfully deceived a high-balance investor within the decentralized network.
Data shared by Nansen reveals that the victim transferred 3.5 WBTC to an address controlled by scammers after falling into a technical trap. In this modality, attackers send small transactions to contaminate the history, hoping that users copy the wrong address without verifying the middle characters of the wallet before confirming the final transaction.
The rise of internal messaging and its risks for users
Following the incident, several cybersecurity experts have urged Phantom to urgently improve its interface to filter suspicious transactions automatically and reliably. Investigator ZachXBT warned that this chat feature has become a new draining method, as the current interface does not discriminate spam from legitimate fund transfers performed by unsuspecting cryptocurrency holders.
Furthermore, other users have reported smaller losses under the same mechanic, sharing screenshots of fraudulent transactions sent directly through the built-in messenger. The Solana blockchain, where Phantom has a dominant presence, has seen an increase in such activities, underlining the need for proactive prevention tools integrated directly into the applications to protect individual investors.
Nevertheless, prominent industry figures, such as Binance co-founder Changpeng Zhao, have previously reiterated that wallets must implement automatic blocks for suspicious addresses. Zhao suggested that wallets should filter transactions of insignificant value, as these operations are usually the first step to executing a larger-scale theft through visual deception and social engineering.
How can wallets effectively prevent future capital drains for their users?
Specialists from the firm Hacken emphasize that users must stop copying addresses directly from their transaction history to avoid fatal errors during transfers. Therefore, maintaining a verified address book is vital, as blindly trusting recent records exposes even institutional participants to million-dollar losses during their daily operations within the complex decentralized finance ecosystem.
Looking ahead, wallet providers are expected to integrate real-time security simulations that act as a firewall before every signature process. Undoubtedly, the industry requires much more sophisticated preventive alerts, as this is the only way to eradicate address poisoning techniques that continue to threaten the integrity of the global decentralized financial ecosystem for everyone.
