Blockchain security researcher DM posted on the X platform: "Be careful when downloading and running the Web3 project on Github. An open source project I occasionally saw today found that it stole the private key of user Solana, checkrug.py encoded in a base64/zlib loop and then secretly executed: hxxps://github.com/HELIPOX/solana-sniper-bot."
In this regard, Cosine, the founder of SlowMist, posted a comment on the X platform: "This open-source bot has a backdoor code for stealing private keys. If you are not familiar with the code, you need to be vigilant when you see the bells and whistles (" garbled code "). It may be secretly hiding some tricks. Crypto is all about open-source, open-source, and eager to provide highly readable code. Who will fix these bells and whistles. In addition, the author seems to have deleted the backdoor file. Players who download and use this bot can contact."
Slow Mist Cosine: An open-source bot has backdoor code for stealing private keys, users need to be vigilant
2024-04-21 01:43:18
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
慢雾余弦:某开源bot存在偷私钥后门代码,用户需保持警惕Next article:
一个休眠8.7年的以太坊预挖矿地址被激活,内含197 ETH
