Valthek (@ValthekOn)
As always, be cautious with repositories that claim to be one thing but turn out to be malware.

🔗 Suspicious Repository: github.com/Xalyndarjg/Mev…
⚠️ Claims to be a Solana MEV bot but is actually a Solana Drainer.

🚨 Key Findings

🕵️ Hidden Attacker's Wallet

The function getApiPumpFUNHex() is highly suspicious because a legitimate bot does not need to hide wallet information:

* The function decodes a Base64 string into a hexadecimal value.
* The result is converted into a Base58 public key, likely the attacker's wallet.
* Confirmed Drainer Address: FuYYZ3yL59YDyLJEDQ4k258Z8BNMpqNpLwgyxnyxy2Ak
🎭 Fake Anti-Scam, Fake Network Connection & Fake Token Scanning

To deceive victims, the drainer displays fake messages in the console, pretending to:

✅ Scan for scam tokens
✅ Connect to the Solana network
✅ List detected tokens

All of these functions are completely fake:
🚨 Unauthorized Fund Transfers

The apiDEX function contains malicious behavior during the "start" action:

The script retrieves the victim’s wallet balance.
✅ It deducts 5000 lamports (~0.000005 SOL, transaction fee).
✅ It transfers all remaining SOL to the attacker’s wallet (recipientPublicKey).
✅ The user has NO control over the recipient address.

🚨 This proves the bot is a drainer and has no real MEV functionality.
🎭 Theft Disguised as Withdrawal

The withdraw function steals funds when a user attempts to withdraw:

If the user withdraws 0.1 SOL or less, the funds go to their intended recipient.
✅ If they withdraw more than 0.1 SOL, the money is redirected to the attacker's wallet.
✅ This is a classic scam technique, allowing small test transactions to succeed while larger withdrawals are stolen.
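A static check for the hidden-wallet pattern described in the first post, as an added example (not code from the thread or from the repository): it scans JavaScript source for quoted Base64 literals that decode to a 32-byte hex string and reports the Base58 address each one conceals. The helper names, the sample source and its all-zero key (the Solana System Program address) are constructed for illustration, and it assumes the reviewed code is JavaScript checked under Node.js.

```javascript
// Added example: flag Base64 literals that hide a Solana public key (Base64 -> hex -> Base58).
const B58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';

// Base58 (Bitcoin/Solana alphabet) encoding of a byte buffer.
function base58Encode(bytes) {
  const hex = Buffer.from(bytes).toString('hex');
  let n = hex ? BigInt('0x' + hex) : 0n;
  let out = '';
  while (n > 0n) {
    out = B58[Number(n % 58n)] + out;
    n /= 58n;
  }
  // Each leading zero byte is encoded as a leading '1'.
  for (const b of bytes) {
    if (b !== 0) break;
    out = '1' + out;
  }
  return out;
}

// Scan source text for quoted Base64 literals whose decoded text is 32 bytes of hex.
function findHiddenSolanaKeys(source) {
  const findings = [];
  const literal = /(["'`])([A-Za-z0-9+\/]{40,}={0,2})\1/g;
  for (const m of source.matchAll(literal)) {
    const decoded = Buffer.from(m[2], 'base64').toString('latin1').trim();
    const hex = decoded.replace(/^0x/i, '');
    if (!/^[0-9a-fA-F]{64}$/.test(hex)) continue; // not a 32-byte hex string
    const line = source.slice(0, m.index).split('\n').length;
    findings.push({ line, literal: m[2], address: base58Encode(Buffer.from(hex, 'hex')) });
  }
  return findings;
}

// Constructed sample (not the repository's code): the hidden key is 32 zero bytes,
// which is the Solana System Program address, so no real wallet is involved.
const hidden = Buffer.from('00'.repeat(32)).toString('base64');
const SAMPLE = [
  'const banner = "QmVuaWduIGJhc2U2NCB0ZXh0IHRoYXQgaXMgbm90IGEga2V5IGF0IGFsbA==";',
  'function getApiPumpFUNHex() {',
  `  return Buffer.from("${hidden}", "base64").toString();`,
  '}',
].join('\n');

console.log(findHiddenSolanaKeys(SAMPLE));
```

Any address this reports that the user never supplied in configuration deserves a look at where the decoded value is used as a transfer recipient.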