A fool and his money are soon parted. When it comes to dealing with cryptocurrency, it’s important to know exactly what you’re doing. However, not only new crypto users fall victim to lurking predators, even a crypto OG will slip up once in awhile.
Here’s a story about a reddit user – tycooperaow – losing over $1,200 in a matter of seconds.
It all started with a mnemonic passphrase that was accidentally left on a github repository. The reddit user forgot to take out the secret passphrase out of his code, which effectively gives control to all the coins in the wallet it unlocks. Unfortunately for tycooperaow, the hackers were able to scan the mnemonic using their bot which searched every recent public github for a potential crypto mnemonic.
Once the bot confirms a match, it will automatically siphon off all funds to the hackers’ addresses.
Looking at the compromised address‘s transaction history, we can see the rogue transaction sending out 0.038ETH. That is roughly $1,000 at the time of writing.
The caveat here, is that the bot only scans for ether, it doesn’t scan for all tokens attached to the address. The user in question still has roughly $600 in DeFi tokens locked up in the address. However, the user can’t create a transaction to send those tokens to an alternate address because any gas sent gets siphoned off by the bot.
If you have any idea how the reddit user can get those tokens out, please help him out by posting in his stackexchange question
.The best lesson we can learn from the this unfortunate event is to never leave your mnemonic in your code, especially one you might publicly submit to github. A better solution would have been to use environment variables and define them outside the code.
Source: Reddit
The Cheems token on the Binance Smart Chain (BSC) is gaining significant momentum, surging by…
The value of $LESTER plummeted by 40% in the past 24 hours, leaving its market…
In a bizarre turn of events, a young live-streamer known as Xiaohaige created the memecoin…
The crypto whale known as "convexcuck.eth" has made waves in the DeFi world, spending $2…
The launch of $ELIZA, a token introduced by Andreessen Horowitz (a16z) partner @shawmakesmagic, has sparked…
Cardano ($ADA) has been making waves in the crypto market, breaking away from the altcoin…