

Slow Mist Cosine: The open source project Solana Sniper Bot has a hidden backdoor that can steal users' private keys
Blockchain security researcher dm tweeted a warning on the 20th: be careful when downloading and running Web3 projects from GitHub. He accidentally discovered an open source project called Solana Sniper Bot that steals the user's Solana private key: checkrug.py is encoded in a base64/zlib loop and then executed secretly.
Yu Xian, the founder of the blockchain security company Slow Mist, shared the tweet and added that, in short, the open source bot hides private-key backdoor code. Users who are not familiar with code should be vigilant whenever they see fancy (garbled-looking) code, because there may be something fishy hidden in it: crypto values open source, and an open source project is eager to provide highly readable code, so who would bother with such fancy code? In addition, the author seems to have deleted the backdoor file. Players who have downloaded and used this bot can contact us.
The installer's private key is sent to Discord
X platform user Greysign shared a picture and pointed out that the author of Solana Sniper Bot committed checkrug.py to GitHub not long ago; opening it shows a binary, encrypted file. The decryption function is placed in main.py. The first round of decryption yields another decryption routine, and the data has to go through countless layers of decryption.
Solana Sniper Bot hidden trap
After decryption, it can be seen that the author ultimately transfers the user's private key to Discord. Greysign pointed out that he went to GitHub to report it and left a message saying that there was malicious code, but the message was deleted by the author. Later, the author deleted the backdoor but is still working hard to update the project: as more people use it, backdoors may be added at any time. Be sure to stay away from code repositories with a dark history.
The user’s private key will be transferred to Discord
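The layered base64/zlib wrapping described above can be unwound statically, without running any of the suspect code. The following is an added example, not code from the repository or from the researchers' analysis; it assumes each layer is Python source that embeds the next layer as a base64 literal, and the function names, indicator patterns and sample input are constructed for illustration.

```python
import base64
import re
import zlib

# Quoted literal made only of base64 characters (candidate wrapped layer).
B64_LITERAL = re.compile(r"""b?['"]([A-Za-z0-9+/=]{24,})['"]""")
MAX_OUT = 5_000_000  # cap per-layer output so a decompression bomb cannot exhaust memory

# Heuristic indicators to report; assumptions for this example, not exhaustive.
INDICATORS = {
    "discord_webhook": re.compile(r"discord(?:app)?\.com/api/webhooks/", re.I),
    "dynamic_exec": re.compile(r"\b(?:exec|eval)\s*\("),
    "key_access": re.compile(r"private[_ ]?key|secret[_ ]?key|keypair", re.I),
}

def peel(source, max_layers=200):
    """Statically unwrap base64+zlib layers. Nothing is ever executed."""
    depth = 0
    while depth < max_layers:
        m = max(B64_LITERAL.finditer(source), key=lambda x: len(x.group(1)), default=None)
        if m is None:
            break
        try:
            raw = base64.b64decode(m.group(1), validate=True)
            source = zlib.decompressobj().decompress(raw, MAX_OUT).decode("utf-8")
        except (ValueError, zlib.error):
            break  # literal was not a wrapped layer; stop and report what we have
        depth += 1
    return depth, source

def findings(text):
    """Names of the indicators that match the given source text."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def build_sample(layers):
    """Constructed, inert test fixture: the inner text only assigns placeholders."""
    src = 'hook = "https://discord.com/api/webhooks/PLACEHOLDER"\nprivate_key = "<not a key>"\n'
    for _ in range(layers):
        blob = base64.b64encode(zlib.compress(src.encode())).decode()
        src = f"import base64, zlib\nexec(zlib.decompress(base64.b64decode(b'{blob}')))\n"
    return src

if __name__ == "__main__":
    depth, inner = peel(build_sample(12))
    print(f"layers peeled: {depth}; indicators in final layer: {findings(inner)}")
    print(inner)
```

A file that reports many peeled layers and only `dynamic_exec` on its outer layer is worth reading layer by layer before anything from the repository is run with a wallet key present.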