TechFlow reports that SlowMist founder Yu Xian posted on X, stating: "A few days ago, a user lost their Atomicals asset ATOM. The reason was that some people were heavily promoting the use of the online coding platform Replit to run atomicals-js for automating operations related to Atomicals assets.
Replit itself may seem harmless, and such promotion might not appear problematic at first glance. However, the issue lies in Replit's public nature and users' lack of security awareness—anyone can view your atomicals-js code, including sensitive configurations like mnemonics, private keys, and addresses.
As a result, simple techniques like Google Hacking can easily uncover these leaks, leading to asset theft. It's important to note that while automation platforms or tools are indeed convenient, users must have the capability to manage them securely. This issue doesn't only affect Atomicals assets; we've also observed inscription assets from other chains being impacted. Before making this information public, we had already seen such attacks occur, and we've communicated with relevant victims."
Navigating Web3 tides with focused insights
Contribute An Article
Media Requests
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / [email protected] ICP License: 琼ICP备2022009338号




