警惕因使用 Replit 平台注册钱包造成的助记词泄漏

Background Recently, a victim contacted the slow fog security team, which was stolen because of using an online programming platform to create a protocol wallet and typing in the protocol tokens in batches. According to the victim's description, the private key mnemonic was leaked because it was copied and pasted on a web page. The wallet creation analysis was officially developed and published on the command line interface and library on the Internet, which is convenient for users to use and interact. It is a well-known online programming platform with online support and other programming languages, and it is fast to write codes directly in the browser. There are many wallet registration tutorials on Weibo Twitter and other platforms. However, some of them explain how to use online deployment projects to generate wallets and how to transfer them to tokens. Although they are not limited to creating new tutorials, they are also recommended to use the platform. Because of the openness of the platform, all the codes deployed on it are open, allowing everyone to access the project. After deployment, a file will be generated in the project directory. This file contains the generated mnemonics. Sensitive information such as keys and addresses, etc. It is worth noting that projects that are used and run on the Internet can be easily found through simple search or utilization, and then cases containing files can be found. Therefore, there is great risk in creating wallets according to these so-called tutorials. We should avoid running such codes containing sensitive information on publicly accessible platforms, especially when it comes to encrypted currency wallets or private keys. We should choose a safer and more reliable environment to generate and manage encrypted currency wallets. Italian address analysis and usage analysis found that the victim transferred to a number of wallet addresses created according to the victim's description, and these tokens were transferred to the hacker's address on January. Using the query, we can see that there is still a token stolen by the hacker that has not been transferred. Summary This kind of attack explained in this article has very low cost, and the attacker can launch an attack only by mastering basic search and scanning skills. The slow fog security team hereby reminds you that if you accidentally use the wallet, please transfer the relevant funds and delete it as soon as possible. Be vigilant when using the generated wallet or mnemonic on unfamiliar platforms except sensitive files. The slow fog security team suggests that users choose a well-known wallet service that has been audited by security to reduce the risk of leakage. 比特币今日价格行情网_okx交易所app_永续合约_比特币怎么买卖交易_虚拟币交易所平台

注册有任何问题请添加 微信：MVIP619 拉你进入群

文章转载注明 网址：https://netpsp.com/?id=62455