A recent cryptocurrency scam on GitHub shows how dangerous it is to run unvetted open-source code. A bot posing as a Solana trading tool stole funds from users who ran it with their wallet keys available.
Background of the Scam
The project titled *solana-pumpfun-bot*, hosted under the account *zldp2002*, looked like a legitimate trading tool but secretly harvested users' private keys.
According to the cybersecurity firm SlowMist, a victim contacted its team after losing crypto funds. Analysis of the code revealed malicious components that sent the user's private keys to an external server controlled by the attacker.
False Popularity Signals
Besides looking legitimate, the repository showed signs of manipulated popularity: more than 400 forks and hundreds of stars, which gave the impression of a widely trusted tool. Those numbers led many users to download and run the bot without reading its source. Star and fork counters are cheap to inflate and say nothing about what the code does.
SlowMist's analysis found obfuscated JavaScript that collected private keys in the background and posted them to a server controlled by the attacker.
Consequences and Recommendations
Experts emphasize the growing risks in open-source cryptocurrency development. SlowMist advises against treating stars, forks or a polished appearance in a public repository as evidence that a tool is safe. Before running a crypto tool, read its source and its dependencies, and run it in an isolated environment that holds no real keys. Incidents like this wallet-stealing bot underscore the need to verify a tool before connecting a wallet or executing transactions with it.
This incident is a reminder of the risks of using open-source code in the crypto space. Users should exercise caution and independently verify tools before trusting them with funds.