Security Alert: Malicious Projects Disguised as "Copy Trading Bots" on GitHub Stealing Private Keys
Jinse Finance reported that the GitHub project polymarket-copy-trading-bot has been implanted with malicious code. When the program is launched, it automatically reads the user's .env file for the wallet private key and transmits it to the hacker's server through a hidden malicious dependency package excluder-mcp-package@1.0.4, resulting in asset theft.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
24-Hour Spot Funding Inflow/Outflow Rankings: UNI Net Inflow of $11.32M, WET Net Outflow of $11.30M
A certain whale has once again withdrawn 246,259 LINK from an exchange, worth $3.08 million.
Trending news
MoreCrypto prices
More
