SlowMist: GitHub's popular Solana tool hides a trap for stealing coins
PANews reported on July 3 that according to the SlowMist security team, on July 2, a victim claimed that he had used an open source project hosted on GitHub the day before - zldp2002/solana-pumpfun-bot, and then his encrypted assets were stolen. According to SlowMist analysis, in this attack, the attacker induced users to download and run malicious code by disguising as a legitimate open source project (solana-pumpfun-bot). Under the cover of boosting the popularity of the project, the user ran the Node.js project with malicious dependencies without any precautions, resulting in the leakage of the wallet private key and the theft of assets. The entire attack chain involves the coordinated operation of multiple GitHub accounts, which expands the scope of dissemination, enhances credibility, and is extremely deceptive. At the same time, this type of attack uses both social engineering and technical means, and it is difficult to fully defend against it within the organization.
SlowMist recommends that developers and users be highly vigilant against unknown GitHub projects, especially when it comes to wallet or private key operations. If you really need to run and debug, it is recommended to run and debug in an independent machine environment without sensitive data.
You May Also Like
The whale that had been dormant for more than 14 years and transferred out 10,000 BTC, transferred out 10,000 BTC from another wallet
Bitcoin spot ETFs had a net inflow of $602 million yesterday, with Fidelity ETF FBTC leading the way with a net inflow of $237 million