Slow Mist Technology Chief Information Security Officer 23pds issued a warning that the latest version of Phantom wallet may have security bugs, and the victim has explained the risk of Phantom Profile: when a user imports a mnemonic from an unknown source, if the mnemonic has been associated with Phantom Profile, the wallet will automatically log in to the account system, putting the user's assets at risk of theft. According to the victim's description, when users who do not have Phantom Profile open import such mnemonic words, the wallet will automatically log into the pre-set attacker account system, rather than just importing a single wallet address. Since the latest version of Phantom uses the Unified Profile System, this operation allows attackers to gain access to the user's device, allowing them to monitor the user's subsequent deposit behavior and commit currency theft. Reminder: Do not import mnemonic words of unknown origin under any circumstances. It is recommended that users use a new device when importing a new wallet to avoid damage to their main assets.