Deutsch한국어日本語中文EspañolFrançaisՀայերենNederlandsРусскийItalianoPortuguêsTürkçePortfolio TrackerSwapCryptocurrenciesPricingIntegrationsNewsEarnBlogNFTWidgetsDeFi Portfolio TrackerOpen API24h ReportPress KitAPI Docs

Ethereum core dev’s crypto wallet drained by malicious AI extension

1d ago
bullish:

0

bearish:

0

Share

Ethereum core dev Zak Cole lost funds after a malicious Cursor extension stole his private key, highlighting rising wallet drainer attacks on builders.

A core Ethereum developer said he was hit by a cryptocurrency wallet drainer linked to a rogue code assistant, underscoring how even seasoned builders can be caught by increasingly polished scams.

Core Ethereum developer Zak Cole fell victim to a malicious artificial intelligence extension from Cursor AI, which enabled the attacker to access his hot wallet for three days before draining the funds, he said in a Tuesday X post.

The developer installed the “contractshark.solidity-lang” that appeared legitimate — with a professional icon, descriptive copy and more than 54,000 downloads — but silently exfiltrated his private key. The plugin “read my .env file” and sent the key to an attacker’s server, giving access to his hot wallet for three days before funds were drained on Aug. 10, he said.

Read more

1d ago
bullish:

0

bearish:

0

Share
Manage all your crypto, NFT and DeFi from one place

Securely connect the portfolio you’re using to start.