13-7-2025 – A Web3 developer known as @web3_cryptoguy has been accused of distributing a malicious script tool designed to steal crypto wallet private keys and sensitive user data, according to a threat report by blockchain security firm SlowMist.
The script operates stealthily, targeting configuration files, private keys, and wallet credentials on victims’ devices. First flagged by SlowMist CISO 23pds, the tool was reportedly shared through developer-focused community platforms, masquerading as a legitimate utility. Users who ran the script unknowingly exposed their crypto holdings to exfiltration.
“The code is engineered to blend into common Web3 workflows, making it difficult for the average user to detect,” said SlowMist in a statement, urging immediate caution across the developer and trader communities.
Security experts warn this is yet another example of a supply chain-style attack, in which malicious actors embed harmful code into widely circulated development tools. Such attacks have become more frequent in the decentralized space, particularly as open-source communities rely heavily on peer-shared resources.
Although the financial damage has not been fully disclosed, past incidents of similar wallet breaches have led to multi-million dollar losses, often irrecoverable due to the irreversible nature of blockchain transactions.
The exploit comes as Ethereum (ETH), the primary blockchain for Web3 apps, trades at $2,960.52, with a market cap of $357.38 billion—a stark reminder of the growing financial value at stake in the Web3 ecosystem.
