Well now, there’s a tale as old as river silt and twice as slippery: a so-called Solana trading bot showed up on GitHub, struttin’ around like a prize hog at the state fair. Trouble is, it was more rattlesnake than piglet, what with its crypto-thieving malware hiding in the haystack.
According to SlowMist—the blockchain sleuths who spend their Fridays solving mysteries (bless ‘em)—this solana-pumpfun-bot commotion was hosted by some enterprising soul known as “zldp2002.” He dressed his repo up all pretty to look like a real, honest-to-goodness open-source tool, then stood back and waited for folks to hand over their keys faster than a greenhorn in a shell game. It took only one poor soul yelling, “Where’s my darned money?” before SlowMist caught wind and started snooping around.
This bot had more stars than a Kansas summer night and more forks than Aunt Polly’s kitchen drawer, but, as SlowMist sniffed around, the stink of shenanigans grew stronger. Turns out, every bit of code, across every nook and cranny, had been shoved in about three weeks prior. The whole thing was a mess—a more irregular operation than Tom Sawyer’s work ethic.
If you’re the sort who gets excited by Node.js, there’s your culprit. This critter leaned on a package called crypto-layout-utils—which, wouldn’t you know, had already been kicked out of the NPM registry faster than a poker cheat out of the saloon.
A suspicious NPM package
Now, imagine the registry dried up, so the victim bought snake oil out behind the barn. Sure enough, SlowMist found the attacker was fetching his poison from a separate GitHub repo, probably using a password like “password123.”
This rascally package put on a disguise using some fancy trickery called jsjiami.com.v7. That’s code obfuscation for you city slickers—like painting your barn plaid to keep folks from snooping. When SlowMist took a crowbar to it, out came the truth: this software sniffed through your files like Aunt Polly sniffing out Tom’s mischief, and if it caught scent of wallet details, private keys, or your great-grandpappy’s secret chili recipe, it shipped them straight to a remote server. Might as well put your coins on the stagecoach and send them down Desperado Lane. 🪙😱
More than a single repository
The deeper the search, the more skeletons rattled in closets. The scoundrel behind “zldp2002” was likely running a flock of fake GitHub accounts—enough aliases to make Jesse James jealous. These accounts would fork and star projects ‘til you’d swear you were looking at a blue-ribbon-winning open-source community. Instead, it was a den of code-bandits, passing out viruses with all the generosity of a snake-oil salesman selling miracle cures that only cure your wallet… of cash.
Some of these look-alike repositories packed a second serving of bad news with another little package called bs58-encrypt-utils-1.0.3, whipped up faster than a June thunderstorm. All this skulduggery started around mid-June, which must’ve been when the mastermind figured crypto users were ripe for the picking. The result: a regular gold rush—for hackers, anyway.
This latest ruse is just another locust in the swarm of software supply chain attacks gobbling up crypto users’ dreams. One minute you’re downloading a bot to get rich, and the next you’re starring in “Lost Wallet: The Frontier Saga.” And if you think this gig is limited to Solana, don’t blink—just last week, Firefox users found out their wallet extensions were as counterfeit as Injun Joe’s alibis, courtesy of more mischief hosted on GitHub.
So, next time someone offers you a shiny new bot that promises the moon, well, maybe check twice before letting it ride off with your stash. Or at least hide your keys better than Tom hid his treasures in that old cave. 🤠🔑
Read More
- USD IDR PREDICTION
- BTC PREDICTION. BTC cryptocurrency
- USD KRW PREDICTION
- WLD PREDICTION. WLD cryptocurrency
- XRP PREDICTION. XRP cryptocurrency
- HYPE PREDICTION. HYPE cryptocurrency
- EUR HKD PREDICTION
- CRO PREDICTION. CRO cryptocurrency
- QNT PREDICTION. QNT cryptocurrency
- EUR IDR PREDICTION
2025-07-04 17:26