web3.0Slow Mist Cosine: The open source project Solana Sniper Bot has a hidden backdoor that can steal users' private keysSlow Mist Cosine: The open source project Solana Sniper Bot has a hidden backdoor that can steal users' private keys
Blockchain security researcher dm tweeted on the 20th to warn, be careful when downloading and running Web3 projects on Github. He accidentally discovered an open source project called Solana Sniper Bot, which targets It steals the user's Solana private key, encodes checkrug.py in a base64/zlib loop, and then executes it secretly.
Yu Xian, the founder of the blockchain security company Slow Mist, shared the tweet and added that in short, the open source Bot hides the private key backdoor code. If the user is not familiar with the code, he will see fancy code (garbled code) You need to be vigilant, because there may be something fishy hidden in it: Crypto pays attention to open source, and if it is open source, it is eager to provide highly readable code, who will bother with these fancy codes. In addition, the author seems to have deleted the backdoor file. Players who have downloaded and used this bot can contact us.
The installer private key will be sent to Discord
X platform user Greysign shared the picture and pointed out that the author of Solana Sniper Bot submitted checkrug.py on Github not long ago, and you can see it after opening it It is a binary and encrypted file. The decryption function is placed in main.py. After the data is decrypted for the first time, it is a decryption algorithm, and it needs to go through countless layers of decryption.
Solana Sniper Bot hidden trap
It can be seen after decryption. The author will eventually transfer the user's private key to Discord. Greysign pointed out that he went to Github to report it. , left a message saying that there was malicious code, but was deleted by the author. Later, the author deleted the backdoor, but is working hard to update it: as more people use it, backdoors may be added at any time. Be sure to stay away from code libraries with a dark history.
The user’s private key will be transferred to Discord
The above is the detailed content of Slow Mist Cosine: The open source project Solana Sniper Bot has a hidden backdoor that can steal users' private keys. For more information, please follow other related articles on the PHP Chinese website!
Immutable (IMX) zkEVM Network Usage Grows 5.7% Quarter-Over-QuarterMay 04, 2025 am 11:26 AMImmutable recorded steady growth in daily network usage in the first quarter of 2025. According to research by crypto analytics firm Messari, average daily transactions on Immutable zkEVM rose by 5.7% quarter-over-quarter
Dogecoin (DOGE) Price Prediction: Will Dogecoin Price See Revival Soon?May 04, 2025 am 11:24 AMThe memecoin market is currently valued at $55.36 billion with a change of -1.94% over the past 24 hours. Moreover, with a drop of 13.30%, the memecoin segment has
A cryptocurrency trader's $111,000 loss in just five minutes has become a cautionary taleMay 04, 2025 am 11:22 AMAccording to Lookonchain, a blockchain analytics platform, A FOMO (Fear of Missing Out) driven trader spent 200K USDC to buy POPE
Stablecoins Are Signalling the Crypto Market's Sentiment and LiquidityMay 04, 2025 am 11:20 AMThe crypto market's sentiment and liquidity are signaled by stablecoins. They indicate whether the market is bullish or bearish.
Buy the Dip, 2X Your Coins: BTFD's FINAL100 Offer and 2900% Potential Makes It the Next Crypto to ExplodeMay 04, 2025 am 11:18 AMThe next crypto to explode? BTFD Coin, ai16z, and Snek are heating the charts. Don't miss BTFD's presale with 100% bonus & 2900% ROI potential.
Have You Ever Wondered Which Cryptocurrency Could Be the Next 100x Gem?May 04, 2025 am 11:16 AMWith meme coins setting the crypto world ablaze once again, investors are racing to find the golden opportunities before they skyrocket.
Vitalik Buterin Wants Ethereum to Embrace One of Bitcoin's Greatest StrengthsMay 04, 2025 am 11:14 AMIn a recent blog post, Ethereum co-founder Vitalik Buterin proposed a series of changes aimed at simplifying Ethereum's Layer-1 design
Deribit, the world's largest cryptocurrency options exchange, is planning to expand into the United States.May 04, 2025 am 11:12 AMThis decision follows a noticeable shift in the U.S. regulatory environment under President Donald Trump.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Dreamweaver Mac version
Visual web development tools
SublimeText3 Chinese version
Chinese version, very easy to use
