[kjaftaedi]

You're leaving out a lot of valuable information.

Did you check your security log in github?

Do you have MFA enabled on your account?

Did you check your repository and account and make sure that all of the SSH keys saved are recognized and known to you?

Did you refresh all of your keys and make new ones?

You need to start at the beginning.. starting with the theft transactions is starting at the end.

----

Long story short, there is no way to tell you what happened without you investigating first.

It could be you just not MFAing your account and re-using passwords.. and someone logged into your github account and added their own private keys.

Really it could be a million different scenarios, but whatever happened, you need to investigate first.

[hasangursoy]

I use both MFA and a password manager tool for security purposes, and the account is connected to my work email.

I am pretty sure that no security flaws was the cause of this, except pushing to the private repo.

I have checked the transaction and the commit dates, which are matching perfectly. No doubt about that.

[listenallyall]

Were all the wallets part of the same Metamask account? The transfers are all a few seconds apart... they could have gotten in the front door by obtaining your Metamask password without needing any keys. Because Metamask is a hot wallet, it's always connected and easy to steal. Metamask also produces a set of words for emergency recovery -- attacker could have obtained those as well.

With that said, they stole 7 dollars. Pretty cheap lesson on security in my opinion.