NOFX AI Vulnerabilities Expose User Keys

Blockchain security firm SlowMist has concluded an investigation that uncovered significant vulnerabilities within NOFX AI, an open-source cryptocurrency futures trading system designed using DeepSeek and Qwen large-language-model architectures.

According to findings reported on Web3Caff, multiple versions of the NOFX AI system contained flaws that left some users susceptible to credential leakage. This could allow attackers to gain access to sensitive information like wallet private keys and API credentials for both centralized and decentralized exchanges.

Following the discovery of these critical security gaps, the SlowMist team proactively engaged with the security departments of major cryptocurrency exchanges Binance and OKX. These exchanges collaborated with SlowMist to identify and assist affected users, including revoking any compromised keys.

Authentication Flaws Uncovered in NOFX AI

The investigation by SlowMist commenced after receiving an alert from a community security researcher known as @Endlessss20. The researcher suspected that NOFX AI might be leaking exchange API keys.

Cos, the founder of SlowMist and active on X as @evilcos, initially commended NOFX AI’s commitment to open-source development. However, he quickly followed up by disclosing the severe risks, stating that the disclosed vulnerabilities had already resulted in actual theft incidents, with some users losing their wallet private keys and CEX/DEX API Keys.

Cos further explained that SlowMist’s initial disclosure process was carefully coordinated with exchange security teams. This was to ensure that affected individuals were notified before the vulnerabilities were made public.

SlowMist’s detailed analysis pinpointed two primary authentication issues present in various commit versions of the open-source NOFX AI repository. These flaws affected both older and newer iterations of the platform.

💡 The system reportedly operated with an Authorization Required status for certain functions, but critically lacked actual access controls. This meant that sensitive administrator (admin) functions were accessible without any form of authentication.

Consequently, malicious actors could interact with admin APIs without the necessity of providing credentials, creating a significant security risk.

🎛️ Adding to these authentication weaknesses, one of the system’s API endpoints was found to return sensitive connection data by default. This included API keys and their associated secrets for prominent exchanges such as Binance, Hyperliquid, and Aster DEX.

Collaborative Security Response with Exchanges

Upon confirming the severity and scope of these vulnerabilities, SlowMist initiated contact with the security teams at Binance and OKX.

A joint security operations room was reportedly established. Within this collaborative environment, SlowMist provided detailed intelligence and an assessment of the potential impact, while the exchange teams conducted their own independent analysis and verification of the compromised API data.

The teams then worked collaboratively to trace exposed keys back to specific user accounts on their respective platforms, identifying those at risk.

✅ Following this identification process, the exchanges implemented immediate countermeasures. This included notifying every affected user and promptly revoking their API keys, secret keys, and any associated automated trading credentials. SlowMist confirmed in their report, As of November 17, all affected CEX users have been notified, and their relevant keys have been revoked, and their assets are safe.

📍 The process of reaching users on decentralized exchanges proved to be more challenging. SlowMist noted that attempts to directly contact a small number of users on Aster and Hyperliquid were unsuccessful due to the decentralized wallet addresses.

⚡ If you are using automated trading systems on Aster or Hyperliquid, please promptly check and address any related risks, the security firm strongly advised users operating on these platforms.

Security Advisories for AI-Trading Ecosystem

SlowMist also highlighted an increasing trend in large-scale AI model quantization projects. However, they cautioned that many of these open-source implementations are still in their nascent stages of development.

Therefore, the firm strongly recommends that entities deploying these emerging open-source systems conduct thorough code security audits and strengthen risk control measures to avoid financial losses.

The security firm provided specific recommendations for both the NOFX AI development team and its users. Key advice includes: refusing to run the program if a template key is detected, disabling admin mode unless explicitly configured and secured with a strong password and One-Time Password (OTP) authentication, and redesigning sensitive endpoints to only return non-critical metadata while requiring secondary verification for private-key or API-key access.

📍 Until the NOFX AI development team implements these crucial fixes, the firm warned that any deployment to the public internet should be considered high-risk.