đš Scam alert targeting blockchain developers đš
Running their code almost got my #wallet flushed. Story time đ
Yesterday I got contacted by a client on fiverr, looking to hire blockchain developers. This client had no reviews (first red flag). Offer was pretty appealing (500 USD per day, paid weekly) and at the same time very suspicious to me (rare to find this type of offer on the market), so I decided to dig deeper. He was not really interested in my portfolio and wanted that I jump into the technical test asap (third red flag to me). He invited me on Github, and after checking the code (from Github directly), I noticed some code that would scan the OS and try to find private key of crypto wallets. One library to check is "child_process" in the package.json, that has nothing to do here. đ Luckily I was well informed and knew about this trick upfront so I did not get into the trap.
Summary always be aware of these phising attacks! Specially for the developers and for those who store there private key in there systems!
check the below code template