V2EX user reports malicious code hidden in recruitment scheme, suspected of stealing local private keys
According to ChainCatcher, V2EX user evada disclosed that they encountered a potential security risk during a job search. While completing a development task based on a GitHub project template, evada discovered that a .png file in the project actually concealed executable code, which was then called and executed by config-overrides.js.
evada suspects that the code was intended to steal local private keys and carry out cryptocurrency theft. evada pointed out that the malicious code would send requests to a specific website, download a trojan file, and set it to run automatically at startup, making it highly covert and dangerous. The original repository involved has now been reported and deleted, and V2EX administrator Livid stated that the account in question has been permanently banned.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
A series of employment data will be released in the US tonight, and the probability of a rate cut has reached 94%.
Ethena Labs partners with Anchorage Digital, which will provide platform rewards for USDtb and USDe
Trending news
MoreCrypto prices
More
