Slow Mist Cosine: The open source project Solana Sniper Bot has a hidden backdoor that can steal users’ private keys
- WBOYforward
- 2024-04-22 08:10:07319browse
Blockchain security researcher dm tweeted on the 20th to warn, be careful when downloading and running Web3 projects on Github. He accidentally discovered an open source project called Solana Sniper Bot, which targets It steals the user's Solana private key, encodes checkrug.py in a base64/zlib loop, and then executes it secretly.
Yu Xian, the founder of the blockchain security company Slow Mist, shared the tweet and added that in short, the open source Bot hides the private key backdoor code. If the user is not familiar with the code, he will see fancy code (garbled code) You need to be vigilant, because there may be something fishy hidden in it: Crypto pays attention to open source, and if it is open source, it is eager to provide highly readable code, who will bother with these fancy codes. In addition, the author seems to have deleted the backdoor file. Players who have downloaded and used this bot can contact us.
The installer private key will be sent to Discord
X platform user Greysign shared the picture and pointed out that the author of Solana Sniper Bot submitted checkrug.py on Github not long ago, and you can see it after opening it It is a binary and encrypted file. The decryption function is placed in main.py. After the data is decrypted for the first time, it is a decryption algorithm, and it needs to go through countless layers of decryption.
Solana Sniper Bot hidden trap
It can be seen after decryption. The author will eventually transfer the user's private key to Discord. Greysign pointed out that he went to Github to report it. , left a message saying that there was malicious code, but was deleted by the author. Later, the author deleted the backdoor, but is working hard to update it: as more people use it, backdoors may be added at any time. Be sure to stay away from code libraries with a dark history.
The user’s private key will be transferred to Discord
The above is the detailed content of Slow Mist Cosine: The open source project Solana Sniper Bot has a hidden backdoor that can steal users’ private keys. For more information, please follow other related articles on the PHP Chinese website!