Ethereum developer Zak Cole fell victim to malicious activity involving AI-based tools, underscoring the growing threats faced by cryptocurrency users.
How the Theft Occurred
Zak Cole installed the 'contractshark.solidity-lang' extension, which seemed legitimate. However, it exfiltrated his private keys to an attacker's server, giving the attacker access to his hot wallet for three days before the funds were drained on August 10. He noted that this was the first time he had lost funds in his 10 years in the crypto industry, with losses amounting to 'a few hundred' dollars in Ether.
Increasing Threat from Malicious Programs
Cryptocurrency thefts carried out with programs known as 'wallet drainers' are becoming an increasingly common threat to investors. In September 2024, a fraudulent application on Google Play disguised as WalletConnect stole over $70,000 worth of digital assets within just five months.
Safety Recommendations
Hakan Unal, a senior security expert from Cyvers, emphasized that attackers are using fake extensions and typosquatting to steal private keys. He recommended that developers vet extensions, avoid storing secrets in plain text or .env files, use hardware wallets, and develop in isolated environments.
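One way to apply the advice to vet extensions, shown as an added example that is not from the article or from Cyvers: it checks the output of `code --list-extensions` against a reviewed allowlist and flags unapproved IDs whose name resembles an approved one. The allowlist entries, the similarity threshold and the sample listing are assumptions.

```python
from difflib import SequenceMatcher

# Assumption: IDs your team has reviewed and approved (sample entries).
ALLOWLIST = {"juanblanco.solidity", "nomicfoundation.hardhat-solidity", "ms-python.python"}
THRESHOLD = 0.7  # assumption: name-similarity cutoff for "lookalike"

# Constructed sample of `code --list-extensions --show-versions` output;
# the version numbers are placeholders.
SAMPLE = """juanblanco.solidity@0.0.1
contractshark.solidity-lang@0.0.1
juanblanc0.solidity@0.0.1
example-publisher.markdown-tools@0.0.1
"""


def name_of(ext_id):
    """Return the extension name, i.e. the part after 'publisher.'."""
    return ext_id.partition(".")[2]


def classify(ext_id, allowlist=ALLOWLIST, threshold=THRESHOLD):
    """Return (verdict, closest_approved_id_or_None) for one extension ID."""
    ext_id = ext_id.strip().lower().split("@")[0]  # drop any @version suffix
    if ext_id in allowlist:
        return ("approved", None)
    best, best_score = None, 0.0
    for good in sorted(allowlist):  # sorted for deterministic results
        score = SequenceMatcher(None, name_of(ext_id), name_of(good)).ratio()
        if score > best_score:
            best, best_score = good, score
    if best_score >= threshold:
        # Unapproved ID whose name imitates an approved one: review first.
        return ("lookalike", best)
    return ("unreviewed", None)


def audit(listing, allowlist=ALLOWLIST):
    """Map every non-approved ID in an extension listing to its verdict."""
    findings = {}
    for line in listing.splitlines():
        if line.strip():
            verdict = classify(line, allowlist)
            if verdict[0] != "approved":
                findings[line.strip().lower().split("@")[0]] = verdict
    return findings


if __name__ == "__main__":
    for ext, (verdict, near) in audit(SAMPLE).items():
        print(f"{ext}: {verdict}" + (f" (resembles {near})" if near else ""))
```

A "lookalike" verdict only means the ID needs manual review of its publisher and source before use; it is not proof of malice.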
Zak Cole's situation highlights the need for increased attention to security when using additional tools and extensions, especially in the rapidly changing cryptocurrency landscape.