Scams & Phishing News Blockchain Developer's Wallet Emptied in "Job Interview"

vtqhtr413

Level 27
Thread author
Well-known
Aug 17, 2017
1,609
Antalya-based Murat Çeliktepe, a blockchain and web developer, shared this week how he was approached by a "recruiter" on LinkedIn with an Upwork job posting that looked legitimate. As a part of the job interview, the recruiter asked Çeliktepe to download and debug the code in two npm packages—"web3_nextjs" and "web3_nextjs_backend" hosted on a GitHub repository. However, moments later, the developer discovered that his MetaMask wallet had been drained—with upwards of $500 siphoned out of his account, based on the information seen by BleepingComputer.
1703867315053.png
The Upwork job posting asks the applicant to "fix bugs and responsiveness on website" and claims to pay between $15 and $20 hourly for a task expected to take under a month.
1703867003171.png
Çeliktepe, whose LinkedIn profile picture bears the "#OpenToWork" tag, decided to give this challenge a go and downloaded the GitHub repositories shared by the recruiter, as a part of the "tech interview." It isn't unusual for legitimate tech interviews to involve some kind of take-home exercise or proof-of-concept (PoC) assignment involving code writing or debugging, which makes the lure highly convincing even for technically savvy people, like developers.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top