Recent Updates
20:00
What is Predict.fun?
19:00
What is HumidiFi (WET) ?
18:00
What is SoSoValue (SOSO)?
17:30
Major Bitcoin Move from Russia’s Largest Bank!
17:06
Robinhood Announces New Coin Listing
16:19
Aster Releases 2026 Roadmap: Mainnet and RWA on the Way
16:15
Exclusive Partnership Between Ledger and Lamborghini: New Stax Design Revealed
Crypto:
36635
Bitcoin:
$91.969
% 1.33
BTC Dominance:
%58.6
% 0.02
Market Cap:
$3.13 T
% 1.40
Fear & Greed:
28 / 100
Bitcoin:
$ 91.969
BTC Dominance:
% 58.6
Market Cap:
$3.13 T
Crypto News, News

Ethereum Developer’s Wallet Drained! What Happened?

Emre Yumlu
Update Date: 13 August 2025 18:16:22
SUBSCRIBE: Youtube Google News
Abracadabra Money Hack
13
Aug

Ethereum core developer Zak Cole lost access to his funds after a fake artificial intelligence extension stole his private key. This incident once again highlights how sophisticated wallet drainer attacks in the crypto space have become.

Threat From a Malicious Extension

Cole explained that he had installed a Cursor AI extension named “contractshark.solidity-lang,” which appeared trustworthy with a professional icon, detailed description, and over 54,000 downloads. However, the extension read his .env file and transmitted the private key to the attacker’s server. This gave the attacker three days of access to his hot wallet before draining the funds on Sunday.

“In over 10 years, I have never lost a single wei to hackers. Then I rushed to deliver a contract last week, and this happened,” Cole said. He noted that the loss was limited to only a few hundred dollars worth of Ether, as he keeps his main holdings on hardware wallets and uses small, project-specific hot wallets for testing.

Wallet Drainers on the Rise

Wallet drainers—malware designed to steal digital assets—are an increasing threat to cryptocurrency investors. In September 2024, malware disguised as the WalletConnect Protocol remained live on the Google Play Store for over five months, stealing more than $70,000 in digital assets.

Hakan Unal, senior security operations lead at blockchain security firm Cyvers, warned that fake publishers and typosquatting techniques are being used to steal developers’ private keys. He advises developers to carefully vet extensions, avoid storing sensitive data in plain text or .env files, use hardware wallets, and develop in isolated environments.

Attacks Can Now Be Rented

According to an April 2025 report from crypto security firm AMLBot, these types of wallet drainer tools are now offered under a SaaS model. Scammers can rent them for as little as 100 USDT.

These developments show that security has become more critical than ever for both developers and investors in the crypto ecosystem.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

Leave a Reply

Your email address will not be published. Required fields are marked *