Share this article
Solana’s Phantom Adds Safety Rails After Scammers Drain Wallets
Phantom’s security upgrades highlight the tug-and-pull between developers trying to simplify crypto’s user experience and scammers exploiting their shortcuts.
By Danny Nelson
Updated May 11, 2023, 6:38 p.m. Published Oct 13, 2021, 6:58 p.m.
Make us preferred on Google
Solana-based digital wallet Phantom has shored up its cyber defenses after weeks of user-reported scams that drained victims’ crypto token balances.
The wallet, analogous to Ethereum’s Metamask, exiled its “auto-approve” transaction feature to the back of the app, an Oct. 7 blog post said. It also cleaned up the user interface (UI) for transaction previews and said an anti-phishing website blocker is slated for future rollout.
STORY CONTINUES BELOW
“We need a way to protect users from losing their funds to the ever-growing number of phishing scams out there,” Phantom’s Chief Product Officer Chris Kalani told CoinDesk in an email.
Phantom’s security upgrades highlight the tug-and-pull between developers trying to simplify crypto’s user experience and scammers exploiting their shortcuts.
The auto-approve feature, for example, instantly initiated crypto transactions between wallets and trusted web apps. It cut out seconds by eliminating prompts for Phantom’s 700,000 users. That could be critical in time-sensitive scenarios, like minting a non-fungible token (NFT) or executing a decentralized exchange (DEX) trade.
But it was also a boon for scammers. In one well-documented case, scammers distributed links to a phony version of the Aurory NFT project’s minting website in the lead-up to a highly-anticipated drop.
“When users interacted with the wallet address that was listed on that phishing site, it would automatically sweep the funds out of that user’s wallet,” said Esteban Castaño, CEO of TRM Labs, which tracked the funds.
Sad day.
— Chase (@chasedevens) August 31, 2021
Participated in the @AuroryProject drop and wasn't able to mint any NFTs. A friend copy pasted a message from the Discord into our slack channel, thought he had DD'd it. I was the first one in the group to click it and had $15k SOL and all my NFTs wiped 😰
1/
Phantom’s knee-jerk reaction to the Aurory debacle was a pledge to nuke auto-approve outright. Solana whales pushed back: Sam Bankman-Fried, CEO of cryptocurrency derivatives exchange FTX and a SOL booster, called for Phantom to preserve the “value” of auto-approvals with a middle-ground solution.
“We have a large community we need to accommodate for and this feature is widely used in the Solana ecosystem currently,” Kalani said.
Auto-approve will still be available to “advanced” users who enable it through Phantom’s app settings, he said.
Phantom’s upcoming phishing blocker will also look to protect wallet users. Kalani said the feature will try to block users from accessing suspicious websites with a history of pilfering coins. It will reference a user-generated list of websites.
“Our goal with this isn’t to police what users can and cannot see, it is meant to combat obvious phishing scams that are attempting to trick users,” he said.
More For You
KuCoin captured a record share of centralised exchange volume in 2025, with more than $1.25tn traded as its volumes grew faster than the wider crypto market.
What to know:
- KuCoin recorded over $1.25 trillion in total trading volume in 2025, equivalent to an average of roughly $114 billion per month, marking its strongest year on record.
- This performance translated into an all-time high share of centralised exchange volume, as KuCoin’s activity expanded faster than aggregate CEX volumes, which slowed during periods of lower market volatility.
- Spot and derivatives volumes were evenly split, each exceeding $500 billion for the year, signalling broad-based usage rather than reliance on a single product line.
- Altcoins accounted for the majority of trading activity, reinforcing KuCoin’s role as a primary liquidity venue beyond BTC and ETH at a time when majors saw more muted turnover.
- Even as overall crypto volumes softened mid-year, KuCoin maintained elevated baseline activity, indicating structurally higher user engagement rather than short-lived volume spikes.
More For You
Solana’s new phase is ‘much more about finance,’ says Backpack CEO Armani Ferrante
The Solana ecosystem has spent the past year doubling down on a financial infrastructure, Backpack CEO Armani Ferrante told CoinDesk.
What to know:
- Solana’s latest phase looks a lot less flashy than its memecoin-fueled highs, and that may be the goal.
- Armani Ferrante, CEO of crypto exchange Backpack, told CoinDesk in an interview the Solana ecosystem has spent the past year doubling down on a more sober focus: financial infrastructure. A
- fter years of experimentation as the wider crypto industry focused on NFTs, games and social tokens, attention is now shifting back toward decentralized finance, trading and payments.
Top Stories
