MultiversX Tracker is Live!

PSA: Scammers are targeting cryptocurrency developers through fake non-public projects on github

All Cryptocurrencies

by COINS NEWS 110 Views

Through linked in, or other business websites, someone impersonating some company (like an exchange) will ask you if you can code for bitcoin/cryptocurrency/web3/whatever. Then, they'll invite you to a github repository that looks innocent and OK. It can be nodejs, C#, Rust, or anything that has its own package manager and build-script capabilities. Finally, if you open that project in your fancy IDE, like VSCode, the project build script (with nodejs, C# nuget, or cargo's build.rs in rust) will execute the malware through a child process, which can do all the typical stuff malware does, including info and browser-cookies stealing, taking crypto stored on the machine, key loggers, and so on.

So, there it's. I found this kind of attack esoteric, so I wanted to let you know that by just opening a project in your IDE, you're risking being hacked.

submitted by /u/TheQuantumPhysicist
[link] [comments]
Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
πŸ’° Install these recommended apps:
πŸ’² SocialGood - 100% Crypto Back on Everyday Shopping
πŸ’² xPortal - The DeFi For The Next Billion
πŸ’² CryptoTab Browser - Lightweight, fast, and ready to mine!
πŸ’° Register on these recommended exchanges:
🟑 Binance🟑 Bitfinex🟑 Bitmart🟑 Bittrex🟑 Bitget
🟑 CoinEx🟑 Crypto.com🟑 Gate.io🟑 Huobi🟑 Kucoin.



Comments