AI leaked crypto wallet users’ private keys
The developers have assumed that the software extracts wallet data from public GitHub repositories
04.05.2022 - 12:40
2300
2 min
0
What’s new? Copilot, an AI code writing assistant developed by OpenAI and GitHub, has learned to pick up private keys from existing crypto wallets. One of the developers said that while Copilot was running, it suddenly suggested something similar to a private key, and when checked, it turned out to be associated with a real address, The Register reports. Artificial intelligence likely retrieved data from public repositories of the GitHub service.
How did events develop? The developers managed to generate other private keys from addresses that held small amounts of money. Former OpenAI research scientist Ari Herbert-Voss suggested that AI was picking up the data so easily because it was already stored in the public domain:
“The real risk is if someone isn’t paying attention and keeps using a compromised wallet,” he added.
Copilot is built on the OpenAI Codex model, a system based on GPT-3, with AI trained to collect data en masse. Similar algorithms memorize the set of information they received. Copilot may have reproduced a key it already knew.
What happened before? A Reddit blogger found a way to learn the secret phrase for logging into a crypto wallet using a “smart” dial on his phone. When entering the first words of the seed phrase, the predictive function of the smartphone itself picks up the remaining secret words. According to the blogger, this is due to the fact that the mobile phone stores the data in its cache and later inserted it in the right field.
Useful material?
Incidents
Developers warned of potential risks to bridges across the ecosystem and asked exchanges for assistance.
Jun 22, 2026
Incidents
The defendant helped move funds stolen through investment scams and earned at least $4 million for his role in the operation.
Jun 10, 2026
Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Telegram
Twitter