Suspicious Activity Detected in Waves Protocol Project on GitHub
On-chain investigators have detected unusual activity in the open-source code repository of Waves Protocol, a cryptocurrency project that was launched in 2018. The activity affects the Wallet Keeper repository, potentially posing a risk to users in the Waves ecosystem.
Old source code conflicts and potential intrusion
According to the investigation, malicious code was inserted into Waves’ code repositories after more than two years without updates. The new code was likely implemented by hackers from the Democratic People’s Republic of Korea (DPRK), with the goal of taking full control of the project’s GitHub accounts.
Risks mount as Waves tries to regain form
At a time when Waves is working to restart the project and prepare for Waves Summer 2025, these findings raise concerns about the safety of new users. Malicious code can create security vulnerabilities, leading to asset loss or unauthorized control of cryptocurrency wallets.
1/ ☀️ Waves Summer 2025 — Changing the flow 🏄🏻♂️
Over the next 90 days, Waves will transform into an AI-powered, Layer 2 blockchain platform backed by mainstream organizations.
See more at 👇🌊 pic.twitter.com/R5uycNgRSA
— Waves 🌊 (@wavesprotocol) 18 tháng 6, 2025
History and Position of Waves in the Cryptocurrency Market
Launched in 2018, Waves emerged with just $18 million in funding but has become one of the most influential projects in the early days of the cryptocurrency ecosystem. The project was a shining star in offering tokenized BTC and crypto scams that sparked controversy.
The bright letters have been almost silent since the WAVES Token price dropped more than 93% in 2022, from a peak of over $55 to nearly $1. At that time, many critics said that the project was just a play of rug pulls and bankruptcies or system failures leading to hundreds of millions of dollars in losses.
In 2025, Waves is trying to make a comeback, but risks are still present, especially when the system is compromised and wallets are hacked.
DPRK hacker activity in Waves source code repositories
The Ketman intelligence team has been looking at GitHub code repositories for evidence of DPRK hacker activity. Recently, a warning was discovered in the code repository of Wallet Keeper, part of the Waves ecosystem, which provides a browser-extended wallet solution.
In particular, the account has full access, the ability to manipulate the source code and release new wallet versions. This profile is linked to a GitHub account of the DPRK hacker, which contains dangerous links leading to malware.
While current versions of Keeper wallets are safe, experts warn that new releases can be risky, especially as the project prepares to ramp up its communications campaign.
Malicious code has been found in the Keeper Wallet keystore, exploiting wallet data and other security flaws. There is no evidence of being able to log in and steal private keys or seed phrases, but this is a possibility in future updates.
Security Threats and Account Control by DPRK Hackers
Some code belonging to developer Maxim Smolyakov has been leaked, leading experts to view this as a sign that hackers may have taken control of the project's accounts or systems.
Continuous code modifications and unusual activity in the repository can have a major impact on the reputation and security of the Waves network. Users should be vigilant about new wallet versions and closely monitor official updates.
Source: https://tintucbitcoin.com/dprk-hacker-phat-tan-cap-nhat-doc-waves/
Thank you for reading this article!
Please Like, Comment and Follow TinTucBitcoin to stay updated with the latest news about the cryptocurrency market and not miss any important information!
