Security Alert: GitHub Appears Private Key Stealing Malicious Project Masquerading as "Copy Bot"
2025-12-21 03:46:25
The GitHub project polymarket-copy-trading-bot implanted with malicious code. When launched, the program automatically reads the wallet private key in the user.env file and transmits it to the hacker server through a hidden malicious dependency package [email protected], resulting in asset theft.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
安全预警:GitHub出现伪装“跟单机器人”的私钥窃取恶意项目Next article:
金色午报 | 12月21日午间重要动态一览