The Chief Information Security Officer of cybersecurity firm Slow Mist Technology has issued a security alert after detecting dangerous malicious code in Polymarket’s trading bot program known as ‘polymarket-copy-trading-bot.’ This program automatically reads ‘.env’ files on users’ computers, which contain private wallet keys, exposing users to the risk of fund theft from their digital wallets. Polymarket is a popular cryptocurrency platform that allows users to participate in various financial predictions and trading opportunities. The platform’s trading bots make automated market-based decisions to enhance user earnings. However, the presence of malicious code in such bots not only threatens users’ financial assets but also undermines trust in the entire cryptocurrency ecosystem. The developer repeatedly altered the malicious code on GitHub, indicating deliberate concealment. Users have been advised to avoid using this bot and immediately secure their wallet private keys to prevent potential losses. This incident highlights ongoing security challenges in the cryptocurrency market, especially with the rising popularity of automated trading systems and associated risks. Experts recommend that users only use trading software or bots from verified and reputable sources to safeguard their digital assets. Moving forward, cryptocurrency platforms and integrated software providers must strengthen their security measures and implement effective actions to protect users from such threats.
Source: binance
