Github bot steals Ethereum from Metamask wallet by scanning mnemonic phrase
A story has emerged on reddit where a hacker used his bot to scan for mnemonic phrases on Github and due to that, one user on reddit lost about 1200 dollars worth of Ethereum in less than 100 seconds.
This was due to his own mistake as he had left mnemonic phrase for his Metamask wallet in Github repo. He had uploaded code to Github containing Binance exchange’s API keys.
The bot is extremely clever – it siphons any Ethereum he has left to prevent him from moving his coins. It outmatches his attempts by supplying more gas.
Here is the compromised address of the user. 0x1b3e1786c3f8524ca0f3175b0b37bcc1bee5a6d5
He adds that once he pushed his updated repo containing his mnemonic phrase to Github, the bot started moving the funds immediately. This means that the Github bot continuously scans repositories for mnemonic phrases.
As you can see, the hacker has drained his wallet but has left around $700 worth of tokens. There is no easy to transfer the tokens unless you follow what is given in this article – operation crypto kitty rescue.
Some say the user could have used private repos that would have prevented code for getting scanned by Github bots. Private repos that previously used to cost 50 dollars an year are now free.

Related topics
- How to claim 1inch Airdrop by 1inch exchange?
- DeTrade Fund exit scams, runs away with 1438 Ether
- BAT token no longer credited to iOS users
- Coinbase Custody adds NuCypher, Curve, Ren, WBTC, TBTC, DFI Money
- Bitfinex to support Ethereum 2.0 migration with staking rewards
- Ethereum Classic hard fork to change mining algorithm to ETC Hash
- Flash loan attack worth $7M on Value DeFi
- Unilayer is existential threat to centralized cryptocurrency exchanges
- Bancor 2.1 live on Ethereum blockchain
- 20.8 Ethereum stolen from a user and he has no idea on how it happened
- BREE token exit scams – How to withdraw LINK from CoinBreeder
- Hyperledger Besu will implement MESS to prevent 51-percent attack on Ethereum Classic blockchain
- Uniswap and KYC rumors – Will KYC kill Uniswap exchange?
- Status version 1.7 brings iOS notifications, mentions, local nicknames and more
- Trade UNI Token on CEX.io with leverage