Blockchain dev’s wallet emptied in “job interview” using npm package


December 28, 2023 at 06:26AM

Blockchain developer Murat Çeliktepe was targeted by a LinkedIn recruiter for a web development job. As part of the interview, he was asked to debug npm packages from a GitHub repository, leading to his MetaMask wallet being drained of over $500. This scam has also targeted other developers, highlighting the need for caution with job offers.

The article details a blockchain developer’s experience of being targeted by a scam through a fake job offer. The recruiter asked the developer to download npm packages from a GitHub repository as part of a job interview, which led to the developer’s MetaMask wallet being emptied. The developer’s appeal for help was followed by further scam attempts, and community members offered insights, including the theory that the attacker may have gained access via a reverse shell deployed through the npm projects. Others suggested the malware may have copied passwords or intercepted network traffic during the “tech interview.” The developer was not the only target; other individuals were approached by the same recruiter. Web developers and security researchers are advised to be cautious of fake job offers on career platforms and to complete job exercises on a separate (virtual) machine rather than on their primary device.
