Ethereum developer wallet stolen funds by malicious AI plugin

金色财经|Aug 13, 2025 12:35

Ethereum core developer Zack Kerr revealed that his hot wallet was attacked due to the installation of the malicious AI extension "contractshark. solidity lang", resulting in the theft of private keys and the transfer of funds. The plugin disguises itself as a legitimate tool with over 54000 downloads, but in reality reads the user's. env file and sends the private key to the attacker's server. The attacker transferred the funds from the wallet on August 10th, three days after obtaining the private key.

+5

Mentioned

|

APP

Windows

Mac

Share To

X

Telegram

Facebook

Reddit

CopyLink

|

Share To

Timeline

Aug 12, 10:06【Monero network suspected of experiencing a 51% attack】

Aug 10, 06:49【Cross chain security mechanism and risk prevention】

Aug 08, 13:52【Private key management has become more difficult in scale】

Aug 08, 13:34【FHE fully homomorphic encryption enhances blockchain privacy】

Aug 07, 13:11【The actual risk of Bitcoin holders being subjected to wrench attacks】

Aug 07, 04:13【Google search for 'Aave' first result suspected to be phishing website】

Aug 06, 22:05【OpenAI's new 'anti jailbreak' model has been attacked by hackers】

Aug 05, 17:05【Protect oneself from hacker attacks】

Aug 05, 09:27【ClickTok hacking campaign targets TikTok Shop users】

Aug 04, 21:57【The world's first Human+AI network】

HotFlash

|

APP

Windows

Mac

Share To

X

Telegram

Facebook

Reddit

CopyLink

APP

Windows

Mac

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads