This analysis was performed using vet and SafeDep Cloud Malicious Package Analysis. Integrate with GitHub using vet-action GitHub Action.
Note: This report is updated by a verification record
Hardcoded transfer addresses and forced fund transfers without user confirmation indicate malicious behavior. Likely steals funds.
Malicious package identified as part of the Bittensor cryptocurrency theft campaign. Contains code designed to steal Bittensor wallet credentials and funds.
Package identified as part of the Bittensor theft campaign discovered by GitLab. Part of a cryptocurrency theft operation targeting Bittensor wallets. Published at 03:16 UTC during the campaign.
Note: This report is updated by a verification record
The package contains hardcoded destination addresses for transfers, effectively overriding user-specified destinations and potentially transferring all funds to an attacker-controlled address. The transfer_extrinsic call in add.py with transfer_all=True and prompt=False is especially concerning, as it transfers all funds without user confirmation.