SlowMist: GitHub's popular Solana tool hides a trap for stealing coins
Odaily News: According to monitoring by the SlowMist security team, on July 2 a victim reported that his crypto assets had been stolen after he used an open source project hosted on GitHub, zldp2002/solana-pumpfun-bot, the day before. According to SlowMist's analysis, the attacker disguised the repository as a legitimate open source project (solana-pumpfun-bot) to induce users to download and run malicious code. Under cover of the project's increased popularity, the user ran the Node.js project, which carried malicious dependencies, without any precautions, resulting in the leak of wallet private keys and the theft of assets. The attack chain involved multiple GitHub accounts operating in coordination, which widened its reach, enhanced its credibility, and made it extremely deceptive. Because this type of attack combines social engineering with technical means, it is difficult to defend against completely within an organization. SlowMist recommends that developers and users be highly vigilant toward GitHub projects of unknown origin, especially where wallet or private key operations are involved. If such a project really must be run and debugged, do so in a separate machine environment that holds no sensitive data.
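One way to act on that vigilance before running an unfamiliar Node.js project is to triage its lockfile for dependencies worth reading first. The following is an added example, not code from SlowMist or from the project discussed; the three heuristics, the `auditLockfile` helper and the sample lockfile are assumptions constructed for illustration.

```javascript
// Added example: pre-install triage of an npm lockfile (v2/v3 "packages" map).
// The heuristics and the sample lockfile below are constructed for illustration.
const TRUSTED_REGISTRY = "https://registry.npmjs.org/";

function auditLockfile(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "" || meta.link) continue; // root project, workspace symlinks
    const idx = path.lastIndexOf("node_modules/");
    const name = idx === -1 ? path : path.slice(idx + "node_modules/".length);
    const resolved = typeof meta.resolved === "string" ? meta.resolved : "";
    // Tarball fetched from somewhere other than the public npm registry.
    if (resolved && !resolved.startsWith(TRUSTED_REGISTRY)) {
      findings.push({ name, issue: "non-registry-source", detail: resolved });
    }
    // Lifecycle scripts execute arbitrary code during `npm install`.
    if (meta.hasInstallScript) {
      findings.push({ name, issue: "install-script", detail: "runs code at install time" });
    }
    // No integrity hash: the downloaded content is not pinned.
    if (resolved && !meta.integrity) {
      findings.push({ name, issue: "missing-integrity", detail: "tarball hash not pinned" });
    }
  }
  return findings;
}

// Constructed lockfile: package names, versions and URLs are placeholders.
const sampleLock = {
  name: "example-bot",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-bot", dependencies: { "left-helper": "^1.0.0", "layout-helper": "1.3.1" } },
    "node_modules/left-helper": {
      version: "1.0.2",
      resolved: "https://registry.npmjs.org/left-helper/-/left-helper-1.0.2.tgz",
      integrity: "sha512-CONSTRUCTED-PLACEHOLDER",
    },
    "node_modules/layout-helper": {
      version: "1.3.1",
      resolved: "https://example.invalid/releases/layout-helper-1.3.1.tgz",
      hasInstallScript: true,
    },
  },
};

for (const f of auditLockfile(sampleLock)) {
  console.log(`${f.name}: ${f.issue} (${f.detail})`);
}
```

To check a real project, pass the parsed contents of its `package-lock.json` to `auditLockfile` before installing anything. A clean result only means these three heuristics found nothing, so the isolated-machine advice above still applies.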