SlowMist Flags Security Breach in NOFX AI Trading System Built on DeepSeek/Qwen

18-Nov-2025 Crypto Economy

TL;DR:

  • SlowMist found severe NOFX AI vulnerabilities that exposed private keys and API credentials.
  • Over 1,000 public deployments may have been affected.
  • Users should disable admin mode, reset all keys, and apply security fixes immediately.

SlowMist has raised a serious warning after uncovering deep security gaps inside NOFX AI, an automated trading system built on DeepSeek/Qwen. What began as a routine investigation quickly turned into a troubling discovery: in several versions of the platform, attackers could access private wallet keys and API credentials without needing any form of authentication. For users running NOFX for months or years, the possibility of funds being quietly drained is now a very real concern.

System Flaws Expose Keys and Prompt Industry-Wide Response

During its investigation, SlowMist found two core issues at the heart of the breach. The first was a “zero-authentication” admin mode that some deployments enabled by default, allowing anyone who could reach the service to query its endpoints and pull sensitive data, private keys included, with no login at all. The second was a JWT configuration that signed session tokens with a hardcoded default secret. Because a later patch left that default in place, anyone who knew the value could still mint tokens that the server accepted as a legitimate administrator, so authentication offered no protection even where admin mode was off. SlowMist estimates that more than 1,000 public deployments may have been exposed because of these oversights.


Once confirmed, SlowMist coordinated with major exchanges, including Binance and OKX, to help revoke compromised API keys and notify affected users. That process went relatively smoothly for centralized exchanges, where the venue itself can invalidate a key, but decentralized platforms presented a tougher challenge. Users trading through decentralized venues such as Aster or Hyperliquid proved harder to contact, and because a leaked wallet private key cannot be revoked by anyone but its owner, SlowMist emphasized that those relying on NOFX AI in decentralized environments should move funds to fresh keys and reset their credentials immediately before resuming activity.

To help reduce the risk of further breaches, SlowMist outlined several urgent recommendations. Users should turn off admin mode, replace the default JWT secret with a strong, unique value so that previously forged tokens stop validating, and change the endpoints that handle wallet data so that they never return private keys in a response, regardless of who is asking. Until NOFX developers implement deeper structural fixes, SlowMist warns that any public NOFX AI deployment should be considered high-risk and treated with extreme caution.
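To make the two flaws and the three recommended fixes concrete, here is an added Python example. It is not NOFX's or SlowMist's code: the default secret `change-me`, the claim names, the `WeakWalletApi` and `HardenedWalletApi` classes and their endpoint shapes are all assumptions made for illustration. The toy HS256 signer shows why a known default secret lets an outsider mint an admin token, and the hardened service shows the fix: refuse to start on the default secret, require a valid token on every call, and return only the public address rather than the private key.

```python
"""Added example, not NOFX or SlowMist code. A stdlib HS256 JWT signer and
verifier, plus a toy wallet API in its weak and hardened forms."""
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Assumption: stands in for whatever default secret a deployment shipped with.
DEFAULT_JWT_SECRET = "change-me"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_jwt(claims: dict, secret: str) -> str:
    """Mint an HS256 JWT. Anyone who knows `secret` can do this."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    mac = hmac.new(secret.encode(), f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(mac)}"


def verify_jwt(token: str, secret: str) -> Optional[dict]:
    """Return the claims if signature, algorithm and expiry check out, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:  # malformed structure, bad base64 or bad JSON
        return None
    if header.get("alg") != "HS256":  # pin the algorithm; never accept "none"
        return None
    expected = hmac.new(secret.encode(), f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return None
    if claims.get("exp", 0) <= time.time():
        return None
    return claims


def forge_admin_token(secret: str = DEFAULT_JWT_SECRET) -> str:
    """What an attacker does once the default secret is known."""
    return sign_jwt({"sub": "attacker", "role": "admin", "exp": int(time.time()) + 3600}, secret)


def new_jwt_secret() -> str:
    """The strong, unique secret the fix calls for (assumed length: 48 random bytes)."""
    return secrets.token_urlsafe(48)


class WeakWalletApi:
    """Toy service with both flaws: zero-auth admin mode and a default JWT secret."""

    def __init__(self, private_key: str, admin_mode: bool = True, jwt_secret: str = DEFAULT_JWT_SECRET):
        self.private_key = private_key
        self.admin_mode = admin_mode
        self.jwt_secret = jwt_secret

    def get_wallet(self, token: Optional[str] = None) -> dict:
        if self.admin_mode:  # zero-auth path: any caller gets the key
            return {"private_key": self.private_key}
        claims = verify_jwt(token or "", self.jwt_secret)
        if claims is None or claims.get("role") != "admin":
            return {"error": "unauthorized"}
        return {"private_key": self.private_key}  # still hands the key to a forged token


class HardenedWalletApi:
    """Toy service applying the fixes: no admin mode, no default secret, no key in responses."""

    def __init__(self, private_key: str, address: str, jwt_secret: str):
        if jwt_secret == DEFAULT_JWT_SECRET or len(jwt_secret) < 32:
            raise ValueError("refusing to start with a default or short JWT secret")
        self._private_key = private_key  # stays in process memory only
        self.address = address
        self.jwt_secret = jwt_secret

    def get_wallet(self, token: Optional[str] = None) -> dict:
        claims = verify_jwt(token or "", self.jwt_secret)
        if claims is None or claims.get("role") != "admin":
            return {"error": "unauthorized"}
        return {"address": self.address}  # public data only, never the private key


def demo() -> dict:
    """Constructed scenario: one deployment before and after the fix."""
    key = "0xdeadbeef-constructed-sample"  # constructed, not a real key
    weak = WeakWalletApi(private_key=key)
    no_auth_leak = weak.get_wallet()                         # admin mode on, no token needed
    weak.admin_mode = False
    forged_leak = weak.get_wallet(forge_admin_token())       # default secret still accepted
    hardened = HardenedWalletApi(key, "0xconstructed-sample-address", new_jwt_secret())
    forged_blocked = hardened.get_wallet(forge_admin_token())  # old default no longer verifies
    legit_token = sign_jwt({"role": "admin", "exp": int(time.time()) + 60}, hardened.jwt_secret)
    return {"no_auth_leak": no_auth_leak, "forged_leak": forged_leak,
            "forged_blocked": forged_blocked, "legit": hardened.get_wallet(legit_token)}
```

Running `demo()` shows the progression: with admin mode on, the weak service returns the private key to an unauthenticated call; with admin mode off but the default secret unchanged, a token forged with `change-me` still returns it; the hardened service rejects that forged token, refuses to boot on the default secret at all, and even a genuine admin token only ever sees the address. The last point matters most for the decentralized case above, since a key that is never serialized into a response cannot be harvested by scanning endpoints.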
