
A fake Polymarket trading bot on GitHub delivered an infostealer to 53 developers. The malware targets wallet keys, browser passwords, and cloud credentials. SafeDep identified 30 malicious npm packages tied to the campaign.
A fake trading bot for Polymarket's prediction markets turned into a credential-stealing operation. The GitHub repository, Trum3it/polymarket-arbitrage-bot, promised annual profits above $80,000. Instead, it delivered an infostealer that targets crypto wallet keys, browser passwords, and cloud credentials.
Security firm SlowMist flagged the repository on July 1. SafeDep later identified 30 malicious npm packages spread across several accounts, all tied to the same fake bot. At least 53 developers cloned the repo and ran the installation command before the scam was exposed, SafeDep said.
The attackers knew their audience. Real Polymarket bots have made eye-popping returns. One bot profiled by analyst Dexter's Lab turned $313 into $414,000 in a month. Another, tracked by researcher Igor Mikerin, generated $2.2 million over two months. That track record gave the fake bot credibility.
The instructions asked users to paste their Polymarket private key into a .env file and run "npm install." During installation, a hidden dependency called clob-client-math executed the malware. The repository's package.json listed four dependencies. Three were legitimate: the official Polymarket SDK, ethers, and dotenv. The fourth, clob-client-math, was never imported anywhere in the bot's source code. That mismatch is the tell, SafeDep said.
What the malware takes
The infostealer scrapes crypto wallet vaults from eight major wallets including MetaMask and Phantom. It grabs browser cookies and saved passwords, SSH keys, AWS credentials, npm and PyPI tokens, Docker configs, shell history, and password manager databases from Bitwarden, KeePass, and 1Password. Any developer who ran "npm install" on that repo should treat the machine as compromised, SafeDep warned.
Who is behind it
Security researchers attribute the attack to North Korean hackers running a broader campaign called Contagious Trader. The group has been targeting crypto developers through fake job offers, malicious npm packages, and compromised accounts. In March, hackers took over an Axios developer's account and published malicious npm packages, Cryptopolitan reported. In May, one compromised account pushed updates to 323 packages in under 30 minutes.
Previous Polymarket attacks
Polymarket users have faced other threats this year. A phishing scam in late June drained $2.94 million from at least 11 accounts. The prediction market's growing popularity has made it a prime target for credential theft and social engineering.
How to check for infection
SafeDep recommends inspecting npm lock files for any of the 30 malicious packages. The simplest check: look for dependencies that appear in package.json but are never imported in the source code. All the fake packages were published by brand-new accounts with no publishing history. That pattern alone is a red flag.
Developers who cloned the repository should rotate every crypto wallet key immediately. Change all passwords stored in the browser. Replace AWS credentials, SSH keys, and API tokens. Treat any machine that ran the install as fully exposed.
The broader lesson for anyone using automated trading strategies: verify the publisher's history before running third-party code. A repository with 36 stars and 53 forks is not a safety signal. The real signal is whether the dependency tree matches the code that actually runs.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.