Crypto Scams Targeting Developers
Marcos Pimienta
Software Engineer | DevOps | Cloud Engineer #JavaScript #Kubernetes #Docker #Python #GCP #AWS #NodeJS
Recently, I was targeted by a scam that was cleverly disguised as a job opportunity. I am sharing my experience to raise awareness and help others avoid falling into similar traps.
The Approach
It all started with a message on LinkedIn from someone named Harvey Lee, who claimed to be part of a team working on an exciting blockchain project called "Reject Rumble." They praised my profile and expressed interest in my skills.
Initial messages from the scammer.
The Offer
Harvey explained that their team needed help with front-end development for their crypto betting website. They shared a link to a demo project and a repository link where the project's code was hosted.
Details about the project and repository.
领英推荐
The Red Flags
Thanks to my friend Johan Sebastian Baldrich Hinestroza while reviewing the code, He noticed a file named error.js located at authentication/middlewares/helpers/. At first glance, the file seemed harmless, containing typical error handling code. However, on closer inspection, we found extra lines of code with encrypted text for certain functions.
Suspicious code with encrypted text.
The Malicious Code
The encrypted text was the key to uncovering the scam. The additional code was designed to copy my information using Python. If Python wasn't installed on my system, it would execute a bash script to achieve the same goal. This malicious code aimed to steal sensitive information from my system.
Malicious script intended to steal information.
Protect Yourself
Here are a few tips to protect yourself from similar scams:
Sharing this experience can help others stay vigilant and avoid falling victim to such scams. Always prioritize your security and privacy when dealing with online job opportunities.
Operations and Sales Manager at Okie Print Barn.
1 天前I recently became a victim of an online scam, resulting in a loss of $370,000. The financial impact was significant, and it left me feeling vulnerable. Thankfully, I was referred to a reputable recovery team specializing in recovering stolen funds, and they played a crucial role in helping me get my money back. If you’ve experienced a similar situation, I recommend reaching out to this recovery team for help. You can contact them via: Email: [email protected] WHATSAPP: +1 (267)624 2178
Sales Manager at ResQ
2 周There has been many speculations about digital assets being impossible to recover after it get stolen or lost but I must tell you it’s possible to get them back you just need to find a reliable and experienced asset recovery team who are experts in retrieving digital assets with many positive testimonials. After in-depth research I must commend?[email protected]?as the only recovery team who stood out in tracing and returning all lost or stolen funds through unauthentic investments. All my stolen assets worth $155k recovered in tranches through the expertise of this noble team. This group of experts deserve my recommendation and appraisals. Truly he who laugh last laugh best!
Fisioterapeuta e Psicóloga
2 周They got me in it as well. Never thought I'd recover my lost funds, after losing huge amounts to a scam scheme, I sought help. The scammers kept asking for more money, supposedly for taxes,I got fed up and realised it was a ploy. Luckily, I found a cyber security team, EMAIL: [email protected] WHATSAP: +44 7760 491804 a department of white heart hackers recommended by the IC3 after filling a complaint. They intercede and helped me investigate and recover my assets using their web3 hack protocol and cyber nodes software. After providing all payment made to this scammers. I got my money traced back, unlike other agencies. Looks like lots of victims out there haven’t heard about Them They’re saving victims with asset trace provided you have all info proofs of payment.
Full Stack Developer | Node | Vue
3 个月had similar experience, scammer named "kerry_wallac" contacted me on fiverr, and shared this repo: https://bitbucket.org/madyson99/web3_demo
--
7 个月Good point!