Also I just discussion on irc and apparently they have been vibe coding. See: https://xcancel.com/xenumonero/status/2059389864768950345
Another exploit: Eigenwallet. Do not use until situation is resolved.
2 replies - 115 views - 2 thanks - 1 tippers - 2 watchers
Replies
y'know there's something perversely funny to me about vibe coded software in this area (open source / foss/ software for the public and not made by a company with profit in mind) being exploited -
you're developing something where people need a certain level of security and need to trust you to use the product. . .
you're not being paid per line of code, and you're not trying to boost numbers for your manager, so why...
also lol at the reply to that tweet
hate to break it to ya, but most programs are being vibe coded these days
well, I wonder how many will stand the test of time and thrive
if you're ever low on content, you could probably have fun going through software start up type subreddits and seeing all the people post their vibe coded attempts to make it big
it reminds me of an overarching issue I see with llms:
a hundred people can ask the same question (make me a program to help analyze my stream vods and make clips and post them), get an answer that is slightly the same but possibly unique, and then all think they have a great new program to share with the world (but this thing already exists... in 10 different ways... now add yours on top of the pile, I'm sure people will love it)
Signature
I'm an artist (skills in vtuber making and livestreaming), wannabe singer, and chronically lonely loser- always willing to chat about nearly anything. Don't hesitate to start a convo with me.
UPDATE: 
Apparently the bug wasn't designed to profit, but rather it would cause monero to be burned and the sent bitcoin (by the bad attacker) to also get burned. Seems like a design to be malicious rather than to make money from it.
@avarice There is levels to vibe coding. At it's worse, it is like the example you gave. Clear AI slop by people who have no idea what is going on.
Then there is the experience programmer doing this as a backup test, get some input. I think this is a great idea.
But then there is the less experienced programmer doing the same thing, and not thinking things exactly through about what was suggested. Eigenwallet's commits are extremely odd by Binarybaron. He is definitely submitting commits with AI and he even has a recent commit that is submitted by Binarybaron and the co-author Binarybaron....which makes absolutely no sense. If he is writing the code and simply double checking with AI and submitting it that is fine...but why submit it like how he has been doing? And furthermore you can see the ai text slop for all of his commits that are for himself and the coauthor Claude, whereas the rest of commits don't have that. So i think he is telling half truths. Time will tell if he will get punished for it.