Malicious code implanted in polymarket copy trading project polymarket-copy-trading-bot to steal private keys
According to Odaily, the GitHub project polymarket-copy-trading-bot has been found to contain malicious code. When the program is launched, it automatically reads the user's wallet private key from the .env file and transmits it to a hacker's server via a hidden malicious dependency package, excluder-mcp-package@1.0.4, resulting in asset theft.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Two whales deposited 5 million USDC into Hyperliquid to purchase HYPE
Data: Hyperliquid and pump.fun become high-income DeFi projects outside of stablecoins
Japanese yen stablecoin issuer JPYC announces joint stablecoin research with South Korean IT giant ITCEN GLOBAL
Bitget launches Christmas season event for new users, offering contract trading trial funds and USDT airdrop
Trending news
MoreCrypto prices
More
