Hackers steal $1200 in Ethereum cryptocurrency from a GitHub user using GitHub dork
We have already written about how GitHub dorks can be used to steal confidential information from GitHub. In fact, Tillson Galloway has written a program to scan the GitHub for such information called GitHound. Somebody just used this idea to scan a Redditor’s Ethereum wallet and steal $1200 from it and that too in just 100 seconds.
This incident happened to Ty Cooper who lost $1200 of Ethereum cryptocurrency in a mere 100 seconds. Ty was in the process of sending money for a Hackathon named Hack Money. Ty left his MetaMask wallet’s mnemonic (12-word wallet recovery phrase) exposed for just over a minute on GitHub when he was doing the transaction.
At that same time, unknown hackers were using a code similar to what Galloway had written to scan GitHub for such confidential information. They apparently found Ty’s exposed mnemonic exposed and used it to transfer Ethereum coins worth $1200 from Ty’s wallet to their own wallet.
Of the $1200, the hackers immediately moved $600 to different wallets owned by their associates. The balance $600 is in the wallet in a “Compound DeFi protocol” but it too has become irretrievable according to Ty. He has asked for help to retrieve at least this $600.
The bot scanned for the mnemonic after I accidentally left it in my code on a GitHub repo while I was sending to @ETHGlobal
— #DEFI Jedi – Ty Cooper (@tycooperaow) May 26, 2020
Using GitHub dorks is becoming a very lucrative profession for hackers. Ty says he was foolish and this mistake was costly but he hoped that he could soon make millions. For developers using GitHub, they should use software like Vault which can provide some degree of protection against such incidents.