On July 13, according to 23pds, Chief Information Security Officer of SlowMist, who retweeted a post by X platform user @Miles082510, the developer @web3_cryptoguy, disguised as a Web3 "tool author," provided a script tool suspected of scanning local sensitive files in the background, intending to steal key data such as private keys, wallet files, configuration files, code, and mnemonic phrases. This data is secretly uploaded to anonymous servers, and the whole process is almost imperceptible to users. Users are reminded to avoid using script tools from unknown sources. [BlockBeats]

SlowMist CISO: Beware of Private Key Theft Threats from Unknown Script Tools