🚀 Security Alert: GitHub Project Exploited in Cryptocurrency Theft
#SecurityAlert #GitHub #CryptocurrencyTheft #OpenSource #MaliciousCode #NodeJS #AssetTheft #CyberSecurity #SocialEngineering #SlowMist #Caution #Isolation #PrivateKey #SOL
According to PANews, a security incident involving a GitHub-hosted open-source project has resulted in the theft of cryptocurrency assets. On July 2, a victim reported using the project named zldp2002/solana-pumpfun-bot, which led to the unauthorized access and theft of their digital assets. The SlowMist security team analyzed the attack, revealing that the perpetrators disguised the malicious code as a legitimate open-source project. This deception encouraged users to download and execute the harmful Node.js project, which contained malicious dependencies. As a result, users' wallet private keys were compromised, leading to asset theft.
The attack involved multiple GitHub accounts working in coordination, which expanded the reach and credibility of the malicious project, making it highly deceptive. This type of attack combines social engineering with technical methods, making it challenging to defend against even within organizations.
SlowMist advises developers and users to exercise extreme caution when dealing with unfamiliar GitHub projects, especially those involving wallet or private key operations. It is recommended to run and debug such projects in isolated environments without sensitive data to mitigate risks.#SecurityAlert #GitHub #CryptocurrencyTheft #OpenSource #MaliciousCode #NodeJS #AssetTheft #CyberSecurity #SocialEngineering #SlowMist #Caution #Isolation #PrivateKey #SOL
🚀 Cybersecurity Firm Uncovers Large-Scale Malware Targeting Cryptocurrency Users
#Cybersecurity #Malware #Cryptocurrency #NodeJS #JSCEAL #FakeAdvertisements #UserSafety #Antivirus #Phishing #CyberThreats
According to PANews, cybersecurity company Check Point has identified a significant malicious campaign named JSCEAL, targeting cryptocurrency application users through the Node.js platform. This campaign, active since March 2024, involves attackers using fake advertisements to trick users into downloading malicious programs disguised as nearly 50 mainstream cryptocurrency trading applications. In the first half of 2025, approximately 35,000 related malicious ads were circulated, garnering millions of views in the EU alone.
The attack process is multi-layered, exhibiting strong anti-detection capabilities. It can steal sensitive information such as user credentials and wallets, and it includes features for remote control, keylogging, and browser traffic hijacking. Research indicates that the detection rate for this malware is extremely low, with some variants going undetected by mainstream antivirus software for extended periods. Users are advised to remain vigilant and avoid downloading cryptocurrency applications from unofficial sources.#Cybersecurity #Malware #Cryptocurrency #NodeJS #JSCEAL #FakeAdvertisements #UserSafety #Antivirus #Phishing #CyberThreats
🚀 ModStealer Malware Poses Threat to Crypto Wallets Across Platforms
#ModStealer #Malware #CryptoWallets #CrossPlatform #Windows #Linux #macOS #WalletExtensions #WalletData #Credentials #DigitalCertificates #C2Server #PrivateKeys #MnemonicPhrases #APIKeys #OnChainAttacks #JobAdvertisements #Developers #NodeJS #SecurityThreat
According to PANews, security firm Mosyle has identified a cross-platform malware named ModStealer, which can bypass mainstream antivirus software by disguising itself as a background assistant program. This malware specifically targets browser-based crypto wallet data on Windows, Linux, and macOS systems. It spreads through fake job advertisements and primarily targets developers with Node.js environments installed.
ModStealer is capable of automatically executing and collecting wallet extensions, system credentials, and digital certificates, subsequently uploading the data to a remote command and control (C2) server. Security experts warn that this malware poses a direct threat to cryptocurrency users and platforms, potentially leading to the exposure of private keys, mnemonic phrases, and API keys, which could result in large-scale on-chain attacks.#ModStealer #Malware #CryptoWallets #CrossPlatform #Windows #Linux #macOS #WalletExtensions #WalletData #Credentials #DigitalCertificates #C2Server #PrivateKeys #MnemonicPhrases #APIKeys #OnChainAttacks #JobAdvertisements #Developers #NodeJS #SecurityThreat