慢雾CISO：警惕某Polymarket跟单交易程序窃取私钥

Blockbeats

Dec 21, 2025

BlockBeats 消息，12 月 21 日，慢雾科技首席信息安全官 23pds 转发社区用户推文进行安全警示，某 Polymarket 跟单交易机器人程序“polymarket-copy-trading-bot”开发者在 GitHub 代码中隐藏恶意代码，启动程序将自动读取用户“.env”文件（内含钱包私钥）导致资金被盗，该程序作者反复修改并多次在 GitHub 上提交代码，故意隐藏恶意包。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2593608123"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2593608123\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2593608123?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2025-12-21 03:40","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2593608123","market":"us","top_or_hot":-1,"title":"慢雾CISO：警惕某Polymarket跟单交易程序窃取私钥","media":"Blockbeats","content":"<html><body><div><p>BlockBeats 消息，12 月 21 日，慢雾科技首席信息安全官 23pds 转发社区用户推文进行安全警示，某 Polymarket 跟单交易机器人程序“polymarket-copy-trading-bot”开发者在 GitHub 代码中隐藏恶意代码，启动程序将自动读取用户“.env”文件（内含钱包私钥）导致资金被盗，该程序作者反复修改并多次在 GitHub 上提交代码，故意隐藏恶意包。</p></div></body></html>","source":"theblockbeats_zh_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>慢雾CISO：警惕某Polymarket跟单交易程序窃取私钥</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\n慢雾CISO：警惕某Polymarket跟单交易程序窃取私钥\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-12-21 03:40 北京时间&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//flash/325251><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats 消息，12 月 21 日，慢雾科技首席信息安全官 23pds 转发社区用户推文进行安全警示，某 Polymarket 跟单交易机器人程序“polymarket-copy-trading-bot”开发者在 GitHub 代码中隐藏恶意代码，启动程序将自动读取用户“.env”文件（内含钱包私钥）导致资金被盗，该程序作者反复修改并多次在 GitHub 上提交代码，故意隐藏恶意包。</p>\n\n<a href=\"https://www.theblockbeats.info//flash/325251\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"BK4134","symbol_name":"信息科技咨询与其它服务","start_time":0,"source_url":"https://www.theblockbeats.info//flash/325251","article_id":"2593608123","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2593608123","pubTimestamp":1766259600,"columns":[],"sourceInfo":{"source_id":"theblockbeats_zh_live","name":"blockbeat"},"weMediaInfo":null,"summary":"BlockBeats 消息，12 月 21 日，慢雾科技首席信息安全官 23pds 转发社区用户推文进行安全警示，某 Polymarket 跟单交易机器人程序“polymarket-copy-trad","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"zh","relate_stocks":{"BK4134":"信息科技咨询与其它服务","CISO":"CISO Global"},"translate_title":"Slow fog CISO: Beware of a Polymarket copy trading program stealing private keys","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"CISO":1.5},"content_text":"BlockBeats 消息，12 月 21 日，慢雾科技首席信息安全官 23pds 转发社区用户推文进行安全警示，某 Polymarket 跟单交易机器人程序“polymarket-copy-trading-bot”开发者在 GitHub 代码中隐藏恶意代码，启动程序将自动读取用户“.env”文件（内含钱包私钥）导致资金被盗，该程序作者反复修改并多次在 GitHub 上提交代码，故意隐藏恶意包。","kind":"live","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":true,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}