V2EX user reports malicious code hidden in recruitment scheme, suspected of stealing local private keys
According to ChainCatcher, V2EX user evada disclosed that they encountered a potential security risk during a job search. While completing a development task based on a GitHub project template, evada discovered that a .png file in the project actually concealed executable code, which was then called and executed by config-overrides.js.
evada suspects that the code was intended to steal local private keys and carry out cryptocurrency theft. evada pointed out that the malicious code would send requests to a specific website, download a trojan file, and set it to run automatically at startup, making it highly covert and dangerous. The original repository involved has now been reported and deleted, and V2EX administrator Livid stated that the account in question has been permanently banned.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bank of America: Trade Agreement Reduces Uncertainty, Bank of Japan May Adjust Policy Stance This Week
Independent Miner Successfully Mines Block 907,465, Earning 3.164 BTC
Trending news
MoreCrypto prices
More
