Github bot steals Ethereum from Metamask wallet by scanning mnemonic phrase

A story has emerged on reddit in which a hacker used a bot to scan Github for mnemonic phrases; as a result, one reddit user lost about 1200 dollars worth of Ethereum in less than 100 seconds.


This was due to his own mistake: he had left the mnemonic phrase for his Metamask wallet in a Github repo. He had uploaded code to Github containing Binance exchange API keys.

The bot is extremely clever – it siphons any Ethereum he has left to prevent him from moving his coins. It outmatches his attempts to move them by supplying more gas.

Here is the compromised address of the user: 0x1b3e1786c3f8524ca0f3175b0b37bcc1bee5a6d5

He adds that once he pushed his updated repo containing his mnemonic phrase to Github, the bot started moving the funds immediately. This means that the Github bot continuously scans repositories for mnemonic phrases.
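Since the bot reacts as soon as a phrase is pushed, the only place a defender can act is before the push. The following pre-push check is an added example written for this article, not code from the reddit post or from Github: it scans files for runs of 12 or more consecutive BIP-39 words and for 64-hex-digit raw private keys. It assumes the BIP-39 English wordlist is available as a text file (`english.txt`, one word per line); the subset of words embedded below and the sample file contents are constructed for the demonstration, and the 12-word phrase in the sample is the well-known all-zero-entropy BIP-39 test vector, not anyone's wallet.

```python
"""Pre-push check for wallet secrets (added example, not from the article).

Two detectors, both deliberately conservative so that a hook blocks first and
a human reviews second:
  * BIP-39 mnemonics: a run of 12 or more consecutive tokens that are all in
    the BIP-39 English wordlist (12 is the shortest valid phrase length).
    No checksum validation is attempted; an invalid phrase is still a leak.
  * Raw 32-byte hex private keys: 64 hex digits with an optional 0x prefix.
    Transaction hashes share this shape and will be flagged too; that is an
    acceptable false positive for a pre-push review step.
Phrases split across lines are not detected; the scan is line-oriented.
"""
import re
import sys
from pathlib import Path

MIN_MNEMONIC_WORDS = 12

# Constructed subset of the BIP-39 English wordlist, enough to run the sample
# below. Real use: load all 2048 words with load_wordlist("english.txt").
SAMPLE_WORDLIST = frozenset("""
abandon ability able about above absent absorb abstract absurd abuse
access accident account accuse achieve acid acoustic acquire across act
legal zoo zone zero
""".split())

WORD_RE = re.compile(r"[a-z]+")
HEX_KEY_RE = re.compile(r"(?<![0-9a-fA-F])(?:0x)?[0-9a-fA-F]{64}(?![0-9a-fA-F])")


def load_wordlist(path):
    """Load a BIP-39 wordlist (one word per line) into a frozenset."""
    return frozenset(w for w in Path(path).read_text().split() if w)


def find_mnemonics(text, wordlist=SAMPLE_WORDLIST):
    """Return (line_no, phrase) for each run of >= 12 consecutive wordlist words."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), 1):
        run = []
        # The trailing None is a sentinel that flushes the final run of the line.
        for tok in WORD_RE.findall(line.lower()) + [None]:
            if tok in wordlist:
                run.append(tok)
                continue
            if len(run) >= MIN_MNEMONIC_WORDS:
                hits.append((line_no, " ".join(run)))
            run = []
    return hits


def find_hex_keys(text):
    """Return (line_no, token) for every 64-hex-digit token, the shape of a raw ETH key."""
    return [(n, m.group(0))
            for n, line in enumerate(text.splitlines(), 1)
            for m in HEX_KEY_RE.finditer(line)]


def scan_text(text, wordlist=SAMPLE_WORDLIST):
    """Combine both detectors into a list of (kind, line_no, snippet), ordered by line."""
    findings = [("mnemonic", n, s) for n, s in find_mnemonics(text, wordlist)]
    findings += [("private_key", n, k) for n, k in find_hex_keys(text)]
    return sorted(findings, key=lambda f: f[1])


# Constructed sample source file. Line 2 shows the safe pattern (secret read from
# the environment); lines 3 and 4 are the leaks the hook must catch.
SAMPLE_FILE = """\
# config.py -- constructed sample
BINANCE_API_KEY = os.environ["BINANCE_API_KEY"]  # fine: not in the repo
MNEMONIC = "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about"
PRIVATE_KEY = "0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef"  # constructed, 64 hex digits
"""


if __name__ == "__main__":
    # Usage as a hook: python check_wallet_secrets.py english.txt FILE [FILE ...]
    # With no arguments the constructed sample is scanned instead.
    if len(sys.argv) > 2:
        words = load_wordlist(sys.argv[1])
        results = [(p, f) for p in sys.argv[2:]
                   for f in scan_text(Path(p).read_text(errors="replace"), words)]
    else:
        results = [("<sample>", f) for f in scan_text(SAMPLE_FILE)]
    for path, (kind, line_no, snippet) in results:
        print(f"{path}:{line_no}: {kind}: {snippet[:40]}...")
    sys.exit(1 if results else 0)  # non-zero exit aborts the push
```

Wired in as a git pre-push hook (or run in CI on every commit), the non-zero exit stops the push before any public scanner can see the file; the hex detector ignores 40-hex-digit addresses such as the compromised address quoted above, since an address is public by design.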

As you can see, the hacker has drained his wallet but has left around $700 worth of tokens. There is no easy way to transfer the tokens unless you follow the steps given in this article: operation crypto kitty rescue.

Some say the user could have used a private repo, which would have prevented the code from being scanned by Github bots. Private repos, which previously cost 50 dollars a year, are now free.