SlowMist: GitHubs popular Solana tool hides a trap for stealing coins

By: odaily.com|2025/07/03 11:41:26

Odaily News According to the monitoring of the SlowMist security team, on July 2, a victim said that he had used an open source project hosted on GitHub the day before - zldp2002/solana-pumpfun-bot, and then his encrypted assets were stolen. According to SlowMist analysis, in this attack, the attacker induced users to download and run malicious code by disguising as a legitimate open source project (solana-pumpfun-bot). Under the cover of increasing the popularity of the project, the user ran the Node.js project with malicious dependencies without any defense, resulting in the leakage of wallet private keys and theft of assets. The entire attack chain involves multiple GitHub accounts to operate in coordination, which expands the scope of dissemination, enhances credibility, and is extremely deceptive. At the same time, this type of attack uses social engineering and technical means, and it is difficult to fully defend within the organization. SlowMist recommends that developers and users be highly vigilant against GitHub projects of unknown origin, especially when it comes to wallet or private key operations. If you really need to run and debug, it is recommended to run and debug in an independent machine environment without sensitive data.

WEEX Labs, the innovation arm of the global crypto exchange WEEX, launched the preliminary round of its flagship AI trading hackathon, AI Wars: WEEX Alpha Awakens, on January 12, 2026. Backed by world-class sponsors including AWS, the prize pool has reached $1.88 million, with a Bentley Bentayga S awaiting the champion in Dubai. Already, 788 elite teams worldwide are battling for a spot in the finals. This is more than a hackathon — it is a real-market stress test for AI trading. Registration remains open until January 18. If you want your AI to face real volatility, this is your moment.

AI Wars: WEEX Alpha Awakens – Insights, Top Strategies, and Real-Market Execution Takeaways

WEEX Labs has officially launched the preliminary round of its global AI trading hackathon, AI Wars: WEEX Alpha Awakens, bringing together hundreds of elite teams to compete in real-market conditions. With a record-breaking $1.88 million prize pool and backing from top-tier sponsors like AWS, the event has quickly become a global proving ground for AI-powered trading strategies. As competition intensifies and standout teams emerge on the leaderboard, the hackathon not only showcases cutting-edge AI execution and risk management, but also offers valuable insights and inspiration for traders looking to build or refine their own AI-driven systems.

WEEX P2P now supports Polish zloty (PLN)—new users and merchant rewards

To make crypto deposits easier, WEEX has officially launched its P2P trading platform and continues to expand fiat support. We're excited to announce that the Polish Zloty (PLN) is now available on WEEX P2P!

Layoffs of 30%, But Spending $250 Million to Buy a Company - What Is Polygon Thinking?

Seemingly contradictory move, Polygon's withdrawal from the L2 battlefield is actually a strategic shift to bet on stablecoin payments.

Sentient Reveals Tokenomics, How Will the Market Price It?

343 billion SENT, with over 60% allocated to the community and ecosystem, team and investor holdings locked long-term, probability of FDV exceeding $6 billion over 80%.

AI in the Crypto Market: How Artificial Intelligence is Changing Trading Strategies

This article explores how AI contributes to these movements and share practical strategies to help you navigate an AI-powered crypto market.

Yen Weakness Nears Inflation Red Line: Bank of Japan May Be Forced to Hike Early

As the yen falls to an 18-month low, central bank officials are starting to worry that the exchange rate will boost inflation and may accelerate the pace of interest rate hikes.

Cross-chain Collaboration: Tom Lee Invests $200 Million, Joins Forces with Global Top Streamer Mr. Beast

BitMine Invests $200 Million in Beast Industries, Recognizing its Potential to Expand Global Traffic On-ramps into Financial Infrastructure.

Interactive Brokers Integrates USDC, US Bank Questions Stablecoin, What's the Overseas Buzz?

What Have Foreigners Been Most Interested in Over the Last 24 Hours?

Trump Waves Hand, Stirs Venezuela's Game Hurricane

Cryptocurrency, a 25-year-old game about the survival and escape of Venezuelans

The Genius Stopping Law: Why Did Coinbase Backpedal at the Eleventh Hour?

The dilemma of regulation is that it seeks to delineate boundaries for insatiable desire.

Fact Check: How Much Money Did the University of Chicago Lose in its Crypto Investment?

Multiple sources indicate that the claim of the University of Chicago losing over $6 billion in a cryptocurrency investment is false, and the budget cuts stem from various factors such as leveraged expansion and debt pressure.

Rumor has it that Coinbase is set to acquire Farcaster, still an Acquihire.

Which Tokens Have Potential Upside

VanEck Q1 Market Outlook: Long-Term Bullish on Cryptocurrency, Strong Gold Demand

Monetary and Fiscal Policy Uncertainty is Decreasing, AI and Gold Price Adjustment are Creating Allocation Opportunities, while Cryptocurrencies Remain Bullish in the Long Term.

In the span of a week, what does Twitter's continuous updating on the Coin Circle Plate reform and Musk's intentions mean?

「Everything App」 Prototype Look

By seizing the first five seconds of Gold Dog, "Dry Sitting P Junior" earns $430,000 in 30 days.

Memecoin's New "Son of a Fork"