Open source AI bot steals cryptocurrencies

Bots based artificial intelligence (AI) have become extremely popular among crypto traders. However, these smart assistants are not so harmless: cybersecurity experts have discovered an AI bot designed to steal cryptocurrencies.

A cybersecurity expert under the pseudonym dm557 discovered a malicious project on GitHub. He wrote about this on the social network X (formerly Twitter) on April 20. According to him, the AI ​​bot steals users' private keys.

How a bot deceived traders

According to conclusions dm557, the malicious AI bot contains “checkrug.py”. This is a file containing an encrypted binary script that decrypts the data and transmits the private keys.

The founder of SlowMist, a well-known blockchain security firm, confirmed dm557’s assumptions and explained how the trading bot works. Evilcos noted that the bot has a backdoor code that allows users to steal keys.

Apparently, the developer of the malicious bot has already removed the backdoor code. Before that he blocked attempts to mark a project as risky by removing the message about the presence of a backdoor.

Safety first

However, cybersecurity experts are urging the community not to download this AI bot. According to them, the removal of the code may be a ploy designed to create the illusion of security and lure even more cryptans into the trap.

“The author has removed the backdoor and is working on updating it. Once more people use it, backdoors can be added at any time. Stay away from repositories with a dark history,” said crypto developer Greysign.

Evilcos also urged the community to exercise extreme caution when seeing overly complex codes. Perhaps this unnecessary complexity is needed to distract users' attention from a potential threat.

“You need to be wary when you see garbled codes because there could be something suspicious hidden there. Cryptocurrencies are all about open source. If it's open source, it should be highly readable. Who's going to bother with these fancy codes?” – Evilcos noted.


Source: Cryptocurrency

You may also like