Malicious code implanted in polymarket copy trading project polymarket-copy-trading-bot to steal private keys
Show original
According to Odaily, the GitHub project polymarket-copy-trading-bot has been found to contain malicious code. When the program is launched, it automatically reads the user's wallet private key from the .env file and transmits it to a hacker's server via a hidden malicious dependency package, excluder-mcp-package@1.0.4, resulting in asset theft.
0
0
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
PoolX: Earn new token airdrops
Lock your assets and earn 10%+ APR
Lock now!
You may also like
Trending news
MoreCrypto prices
More
Bitcoin
BTC
$88,100.45
-0.22%
Ethereum
ETH
$2,973.03
-0.33%
Tether USDt
USDT
$0.9997
+0.02%
BNB
BNB
$848.33
-0.73%
XRP
XRP
$1.92
+0.48%
USDC
USDC
$0.9999
+0.01%
Solana
SOL
$125.25
-0.91%
TRON
TRX
$0.2834
+1.35%
Dogecoin
DOGE
$0.1315
+0.19%
Cardano
ADA
$0.3680
-1.59%
How to buy BTC
Bitget lists BTC – Buy or sell BTC quickly on Bitget!
Trade now
Become a trader now?A welcome pack worth 6200 USDT for new users!
Sign up now