The attacker accessed sensitive wallet information and transferred stolen crypto assets to the FixedFloat exchange.
The attacker used both social engineering and complex technical maneuvers using JavaScript (Node.js).
Exercising extra caution while dealing with unfamiliar GitHub projects is prudent for all crypto investors.
A memecoin trader on the Solana (SOL) network using the Pump.fun launchpad lost funds in a sophisticated attack orchestrated through GitHub. Earlier this month, a crypto investor, who is the victim, informed the SlowMist team of the attack that resulted in a loss of 0.9897 SOL, currently worth around $149 as the Solana price hovers around $151.6 on Tuesday, July 8.
According to on-chain analysis conducted by the SlowMist team, the attacker sent the stolen funds to FixedFloat, a non-custodial cryptocurrency exchange that is fully automated.
Closer Look at the Attack on the Pump.fun Trader
Following an analysis of the GitHub repositories uploaded by the attacker, the SlowMist team found out that the Solana Pump.fun bot used JavaScript (Node.js) with witty social engineering techniques.
The attacker embedded the malicious code i…
The post SlowMist Details How a Fake Bot Was Used to Steal a Trader’s SOL appeared first on Coin Edition.
