A Polymarket copy trading bot has been warned to install malware on GitHub: when running, it will read the .env file containing the wallet's private key and send it back to the hacker’s server to steal the key.
The warning spread after 23pds, the Chief Information Security Officer of SlowMist Technology, reposted content from the community about the risk of malware hidden in the trading bot's source code.
MAIN CONTENT
Polymarket copy trading bot accused of embedding malware in GitHub repo.
The program reads the .env file and sends the private key to the hacker's server.
The author modifies/commits multiple times to hide the malicious package.
How malware steals private keys from GitHub projects
Malware is hidden in the code of a Polymarket copy trading bot; when launched, it automatically reads the .env file and exfiltrates data to the hacker's server.
According to the warning, the user's .env file contains the private key of the cryptocurrency wallet. The program, as soon as it runs, will access this file and send the private key to a server controlled by the hacker, thereby facilitating the theft of the wallet.
Notably, the author of the program continuously edits and commits code to GitHub to deliberately hide the malicious package. This makes it difficult for users to detect if they only skim through the change history or trust the open-source repo without thoroughly reviewing dependencies and runtime behavior.
Warnings from SlowMist and the risk of recurrence
23pds stated that this is not the first time the tactic of hiding malware in trading tools has appeared, and it is likely to continue in the future.
The warning content was retweeted by 23pds, Chief Information Security Officer of SlowMist Technology, from a community user on December 21. The focus is on the attack scenario targeting users running copy trading bots from GitHub, especially if the system stores private keys in .env.
This is not the first time, and it won’t be the last.
Source: https://tintucbitcoin.com/ciso-slowmist-canh-bao-bot-polymarket-danh-cap-khoa/
Thank you for reading this article!
Please Like, Comment, and Follow TinTucBitcoin to stay updated with the latest news about the cryptocurrency market and not miss any important information!
$BTC $ETH $BNB $XRP $SOL
