V2EX user reports malicious code hidden in recruitment scheme, suspected of stealing local private keys
According to ChainCatcher, V2EX user evada disclosed that they encountered a potential security risk during a job search. While completing a development task based on a GitHub project template, evada discovered that a .png file in the project actually concealed executable code, which was then called and executed by config-overrides.js.
evada suspects that the code was intended to steal local private keys and carry out cryptocurrency theft. evada pointed out that the malicious code would send requests to a specific website, download a trojan file, and set it to run automatically at startup, making it highly covert and dangerous. The original repository involved has now been reported and deleted, and V2EX administrator Livid stated that the account in question has been permanently banned.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Lombard (BARD) surged after opening and then pulled back, now trading at $1.1109.
Publicly listed company Caliber has spent $6.5 million to purchase LINK tokens.
Scam Sniffer: An address lost $6.28 million worth of cryptocurrency to phishing 12 minutes ago
DeAgentAI Genesis Airdrop Launches, Main Staking Event to Start on September 22
Trending news
MoreCrypto prices
More
