How My Open-Source Scanner Caught a Crypto Scammer Exposing Their Own Keys
Exposing the keys in the GitHub Issue The Phishing Site (Notice the Spotify option) There is a golden rule in cybersecurity: the weakest link is almost always human error. But what happens when that human error comes from a malicious actor trying to orchestrate a crypto phishing scam? The result is surprisingly comedic. Here is the story of how my newly built open-source secret scanner, Sentinel, accidentally neutralized a Tether (USDT) phishing operation during a routine benchmark. The Setup: Testing in the Wild I recently released Sentinel , a statically compiled, context-aware Git secret scanner and pre-commit hook written in Go. After fine-tuning its engine to achieve near-zero false positives, I decided to benchmark it "in the wild" by scanning random, recently updated repositories on GitHub. The goal was to see if Sentinel could catch edge-case credentials that traditional, regex-heavy tools often miss or drown in noise. During the scan, Sentinel instantly flagged a critical severity finding in a rather suspicious repository. The Catch: AI Copy-Paste Gone Wrong Upon inspecting the flagged file, the issue was immediately apparent: a fully exposed, hardcoded Firebase configuration object containing the API key, project ID, and messaging sender ID. It was a textbook case of a script kiddie asking an AI for a web login template and blindly copy-pasting the frontend code into a public repository. They had effectively handed over the administrative keys to their backend infrastructure before the project even launched. The Phishing Site: Logging into Crypto with Spotify? Out of professional curiosity, I checked the Vercel deployment linked to the repository. The project was attempting to impersonate Tether (USDT), the world's largest stablecoin. It featured the official logo, a catchy slogan, and a login prompt designed to harvest credentials. However, because the scammer had blindly copied a generic consumer application template, the authentication options presented