Cybersecurity firm SlowMist recently revealed that it was contacted by a user who was affected by a malicious open-source project on GitHub that appeared to be a Pump.fun bot for trading Solana-based tokens.
The user downloaded and ran a seemingly innocuous GitHub project. Shortly afterward, their wallet was drained.
The bogus project was a Node.js app with a dependency on a package that was downloaded from a custom GitHub link, which allowed the package to bypass the security checks of the NPM registry. This is typical behavior for attackers, who tend to hide malicious code in externally hosted packages to avoid detection.
The package then scanned the victim's wallet for crypto wallet information and sent private keys to a server controlled by the malicious actor.
The hacker faked popularity by using bogus GitHub accounts to make the project look trustworthy.
SlowMist has stressed that users should never blindly trust GitHub projects.
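One way to check a Node.js project for the pattern described above before running it, as an added example that is not from SlowMist's report or from the project involved: it lists dependencies in `package.json` and `package-lock.json` that npm would fetch from somewhere other than the public registry. The function names, package names and URLs are constructed for illustration, and the exact form of the GitHub link used in the incident is not given on this page.

```javascript
const REGISTRY_HOST = "registry.npmjs.org"; // assumption: default public registry

// Classify a package.json specifier that names a source (git URL, hosted-git
// shorthand, tarball URL, local path). Returns null for registry version ranges.
function classifySpec(spec) {
  if (/^(git\+|git:\/\/|git@|github:|gitlab:|bitbucket:|gist:)/i.test(spec)) return "git";
  if (/^https?:\/\//i.test(spec)) return "remote-tarball";
  if (/^(file:|\.\.?\/|\/|~\/)/.test(spec)) return "local-path";
  if (/^[\w.-]+\/[\w.-]+(#.+)?$/.test(spec)) return "github-shorthand";
  return null;
}

// Direct dependencies declared in package.json.
function auditManifest(pkg) {
  const findings = [];
  for (const field of ["dependencies", "devDependencies", "optionalDependencies"]) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      const kind = classifySpec(String(spec));
      if (kind) findings.push({ where: field, name, source: spec, kind });
    }
  }
  return findings;
}

// Transitive dependencies too: each "resolved" URL in a v2/v3 package-lock.json.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "" || !entry.resolved) continue; // "" is the root project
    let host = "";
    try { host = new URL(entry.resolved).hostname; } catch { /* relative path */ }
    if (host === REGISTRY_HOST) continue;
    const kind = host ? "non-registry-host" : "local-path";
    findings.push({ where: "package-lock.json", name: path, source: entry.resolved, kind });
  }
  return findings;
}

// Constructed sample input: one registry dependency, one pulled from GitHub.
const samplePackageJson = { dependencies: {
  "example-registry-lib": "^1.3.0",
  "example-utils": "github:example-user/example-utils#main",
} };
const sampleLock = { packages: {
  "": { name: "example-trading-bot" },
  "node_modules/example-registry-lib": { resolved: "https://registry.npmjs.org/example-registry-lib/-/example-registry-lib-1.3.0.tgz" },
  "node_modules/example-helper": { resolved: "https://codeload.github.com/example-user/example-helper/tar.gz/0000000" },
} };
for (const f of [...auditManifest(samplePackageJson), ...auditLockfile(sampleLock)])
  console.log(`${f.where}: ${f.name} <- ${f.source} [${f.kind}]`);
```

A finding is a prompt to read that package's source before installing, not proof of malice; projects that use a private registry mirror would change `REGISTRY_HOST` to match.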