The same situation has happened to me multiple times now. I know HN hates blockchain-anything but the attack is mostly aimed at those in that industry and the idea is (1) To try steal cryptocurrencies (2) To try to get inside access to blockchain companies.
For my most recent experience it was someone who had forked a "web3" trading app and they were looking for an engineer for it. But when I Googled this project their attacks had been documented in extensive details. A threat company had analysed all their activity on Github, the phishing scams they made, the lines of malicious code they had inserted into forks, right down to the payload level of the malware installed. The same document noted that this person was also trying to get hired at blockchain companies as a developer. It was a platform that tracked the hacking group Lazarus.
So a few other times... Another project was this token management system for games. In the interview I was asked directly to pull this private repo and then npm install the code. I was just thinking: yeah, either this whole thing is a scam or the company is so incompetent with their security practices that it might as well be. It was a very awkward moment because they were trying to socially obligate me to run this code on my personal laptop as part of the "job interview" and acted confused when I didn't. So I hung up, told them why it was a bad idea, and they ghosted me.
Other times... I was asked to modify a blockchain program to support other wallets. I 100% think that the task was just designed so people would be getting their web based wallets connected to it to test with then they would try to steal coins via that. It was more or less the same as other attacks. An npm repo you clone that pulls in so many dependencies you can't audit them all. Usually the prelude to these interviews is they will send over a Google Doc of advertised positions with insanely high salaries for them which is all bullshit.
As far as I can tell: this is all happening because of Bitcointalk and Mtgox hacks that happened years ago where tons of emails were leaked. They're being used now by scammers.
The other scam I get a lot of is people trying to get me to do paid work for nothing then acting offended when I don't immediately start before there's even a contract in place. There's so many idea bros now that just whack together some crap with AI. And it works fine for them up until it breaks, then they think they can just find a developer to "do the finishing touches." Not realizing that sifting through an avalanche of AI spaghetti crap to get it to work is not an easy task (and frankly not even worth doing even for money.) They can dig their own graves.
For my most recent experience it was someone who had forked a "web3" trading app and they were looking for an engineer for it. But when I Googled this project their attacks had been documented in extensive details. A threat company had analysed all their activity on Github, the phishing scams they made, the lines of malicious code they had inserted into forks, right down to the payload level of the malware installed. The same document noted that this person was also trying to get hired at blockchain companies as a developer. It was a platform that tracked the hacking group Lazarus.
So a few other times... Another project was this token management system for games. In the interview I was asked directly to pull this private repo and then npm install the code. I was just thinking: yeah, either this whole thing is a scam or the company is so incompetent with their security practices that it might as well be. It was a very awkward moment because they were trying to socially obligate me to run this code on my personal laptop as part of the "job interview" and acted confused when I didn't. So I hung up, told them why it was a bad idea, and they ghosted me.
Other times... I was asked to modify a blockchain program to support other wallets. I 100% think that the task was just designed so people would be getting their web based wallets connected to it to test with then they would try to steal coins via that. It was more or less the same as other attacks. An npm repo you clone that pulls in so many dependencies you can't audit them all. Usually the prelude to these interviews is they will send over a Google Doc of advertised positions with insanely high salaries for them which is all bullshit.
As far as I can tell: this is all happening because of Bitcointalk and Mtgox hacks that happened years ago where tons of emails were leaked. They're being used now by scammers.