According to ChainCatcher, based on a post shared by @Miles082510 on X platform and relayed by 23pds, the chief information security officer of SlowMist, developer @web3_cryptoguy disguised himself as a Web3 "tool author" and provided a malicious script tool. This tool scans users' local sensitive files in the background, stealing critical data such as private keys, wallet files, seed phrases, and uploading them to an anonymous server, making the entire process difficult to detect.
SlowMist warns users to avoid using script tools from unknown sources to prevent asset loss.
