V2EX user reports malicious code hidden in recruitment scheme, suspected of stealing local private keys
According to ChainCatcher, V2EX user evada disclosed that they encountered a potential security risk during a job search. While completing a development task based on a GitHub project template, evada discovered that a .png file in the project actually concealed executable code, which was then called and executed by config-overrides.js.
evada suspects that the code was intended to steal local private keys and carry out cryptocurrency theft. evada pointed out that the malicious code would send requests to a specific website, download a trojan file, and set it to run automatically at startup, making it highly covert and dangerous. The original repository involved has now been reported and deleted, and V2EX administrator Livid stated that the account in question has been permanently banned.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Data: The current Crypto Fear & Greed Index is 29, indicating a state of fear.
Ethereum's net supply increased by 18,469 in the past 7 days
Swiss crypto bank Amina Bank completes DLT settlement test via Google Cloud
Data: Machi increases Ethereum long positions to $28.6 millions, with an entry price of $2,981.59
Trending news
MoreCrypto prices
More
