According to ChainCatcher, security researcher dm posted on a social platform that a Web3 open source project on Github may steal users' Solana private keys. In response, SlowMist founder Yu Xian posted a comment on the X platform, saying that the open source bot has a backdoor code that steals private keys. If you are not familiar with the code, you need to be vigilant when you see garbled code in the open source project code.
