Yu Xian, the founder of Slow Mist, posted on the .
Replit itself seems to have no problem, and this kind of publicity seems to have no problem, but the problem lies in the openness of the Replit platform and the lack of security awareness of players. Anyone can see the atomicals-js you use, including the configuration you make in it. mnemonic phrase/private key/address and other information.
Therefore, these leaks can be discovered through simple Google Hacking and other techniques, resulting in the theft of assets. It should be noted that automation platforms or tools are indeed convenient, and you must be able to control them when using them. What is affected here is not only the Atomics assets of some players, we also see the inscription assets of other chains. Before we disclosed this information, this type of attack and exploitation had already occurred, and we had contacted relevant victims. "