Security-oriented researchers and companies have warned about a popular, open-source Polymarket copy trading bot hosted on GitHub.
The bot was created by a developer under the handle “Trust412,” and reportedly contains hidden malicious code across multiple commits and dependencies.
SlowMist sounds Polymarket trading bot warning
Earlier today, December 21, 23pds, SlowMist’s Chief Information Security Officer, retweeted a warning from a community user about a malicious code in a Polymarket copy-trading bot on GitHub, posing security risks.
The incident has reminded many that the crypto bot market still has many vulnerabilities, which is why scrutinizing GitHub repositories for hidden threats is now non-negotiable.
According to the post 23pds interacted with, this code was deliberately put there, but its malicious nature was disguised while the author revised it repeatedly to ensure that it evaded detection.
This occurred across multiple submissions in the “polymarket-copy-trading-bot” repository, potentially exposing users to fund theft.
The hidden code in the bot’s program made it scan and read configuration files automatically, extract private keys, and transfer them to a remote server controlled by the hackers.
Users are urged to be cautious with any unaudited code repositories. In 23pds’s post, he alleged this is not the first time the method is being used to target GitHub and its users and that it will not be the last of such incidents.
How to avoid the private key exploits
The most crucial thing about this form of exploit is that it depends on the individual to kick-start the process, which means extra caution would do a lot to prevent repeated cases.
The exploit is a classic supply-chain attack on open-source tools. It requires users to first install the bot, which many do in an effort to copy successful traders on Polymarket. These users input their private keys for signing trades, thereby unknowingly exposing them.
Anyone who finds themselves in such a predicament is advised to immediately delete the repository if it has been downloaded, assume any wallet linked to it has been compromised, and move all funds to a new one as quickly as it can be done.
It also does not help matters that similar issues have come up in other Polymarket bot repos. So it has become crucial to scrutinize third-party trading scripts to be on the safe side.
It should be noted that the Polymarket platform has not been hacked; the bots that have been wreaking this havoc are unofficial ones, which pose high risks since they require direct access to users’ private keys.
Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.
Earn more PRC tokens by sharing this post. Copy and paste the URL below and share to friends, when they click and visit Parrot Coin website you earn: https://parrotcoin.net0
PRC Comment Policy
Your comments MUST BE constructive with vivid and clear suggestion relating to the post.
Your comments MUST NOT be less than 5 words.
Do NOT in any way copy/duplicate or transmit another members comment and paste to earn. Members who indulge themselves copying and duplicating comments, their earnings would be wiped out totally as a warning and Account deactivated if the user continue the act.
Parrot Coin does not pay for exclamatory comments Such as hahaha, nice one, wow, congrats, lmao, lol, etc are strictly forbidden and disallowed. Kindly adhere to this rule.
Constructive REPLY to comments is allowed