Security Alert: Malicious Projects Disguised as "Copy Trading Bots" on GitHub Stealing Private Keys
Show original
Jinse Finance reported that the GitHub project polymarket-copy-trading-bot has been implanted with malicious code. When the program is launched, it automatically reads the user's .env file for the wallet private key and transmits it to the hacker's server through a hidden malicious dependency package excluder-mcp-package@1.0.4, resulting in asset theft.
0
0
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!
You may also like
Trending news
MoreCrypto prices
More
Bitcoin
BTC
$88,158.15
-0.27%
Ethereum
ETH
$2,974.75
-0.26%
Tether USDt
USDT
$0.9996
+0.01%
BNB
BNB
$849.16
-0.62%
XRP
XRP
$1.92
+0.38%
USDC
USDC
$0.9998
-0.03%
Solana
SOL
$125.25
-1.02%
TRON
TRX
$0.2829
+1.18%
Dogecoin
DOGE
$0.1315
+0.25%
Cardano
ADA
$0.3681
-1.44%
How to buy BTC
Bitget lists BTC – Buy or sell BTC quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now