📢 Gate Square Exclusive: #WXTM Creative Contest# Is Now Live!
Celebrate CandyDrop Round 59 featuring MinoTari (WXTM) — compete for a 70,000 WXTM prize pool!
🎯 About MinoTari (WXTM)
Tari is a Rust-based blockchain protocol centered around digital assets.
It empowers creators to build new types of digital experiences and narratives.
With Tari, digitally scarce assets—like collectibles or in-game items—unlock new business opportunities for creators.
🎨 Event Period:
Aug 7, 2025, 09:00 – Aug 12, 2025, 16:00 (UTC)
📌 How to Participate:
Post original content on Gate Square related to WXTM or its
Analysis and Prevention of New NPM Package Attacks Targeting Solana Users and the Theft of Private Keys
Analysis of Malicious NPM Package Theft of Solana Users' Private Keys
In early July 2025, a malicious attack targeting Solana users was exposed. The attackers disguised themselves as a legitimate open-source project, luring users to download and run a Node.js project containing malicious code, thereby stealing users' wallet Private Keys and crypto assets.
Event Process
On July 2nd, a victim contacted the security team, stating that their cryptocurrency assets were stolen after using the open-source project "solana-pumpfun-bot" on GitHub. The security team immediately launched an investigation.
The investigation found that there is an anomaly in the GitHub project:
Further analysis revealed that the attacker replaced the download link for "crypto-layout-utils" in package-lock.json with a GitHub repository address they control.
Malicious Code Analysis
The security team downloaded and analyzed the suspicious dependency package, discovering that it contained highly obfuscated malicious code. This code implemented the following functions:
Attack Methods
Capital Flow
Using on-chain analysis tools, it was found that some of the stolen funds were transferred to a certain cryptocurrency exchange.
Security Recommendations
This incident once again emphasizes the importance of staying vigilant when handling crypto assets. Attackers are constantly innovating their methods, and both users and developers need to enhance their security awareness and take necessary protective measures.