Search the Community

A few days ago, a user contacted me on LinkedIn with a job offer, the message seemed very direct to me, but when I checked his profile and the company he worked for, everything seemed quite normal, and after answering the messages, and starting a process the interview went pretty straight forward (personal interview about my technical background, personal projects, etc), everything very normal up to that point. At the time of the technical interview, this person gave me the link to a repository where the challenge was (a backend/frontend project with a README in the root with the instructions). Maybe it was nerves, or maybe I was too confident, but I didn't review the code before running the project on my machine, but when I started the backend, I notice that although the terminal showed me that the server was running with no errors, I notice that when making any request no log appears, and that caught my attention. After making a review of the code I notice this weird line hidden at the end of a file (Picture 1 and 2) That was the line that prevented the server from running, when I checked that file I found this (Picture 3) The file is obfuscated, but at first glance you can tell it's an IIFE, and using an online tool I tried to decrypt it as much as I could and I found this kind of things (Picture 4, 5, 6, 7, 😎 Clearly that script was gathering information from my computer and sending it to that IP, and from what I can see the information it is trying to retrieve is related to crypto wallets. Obviously, all the responsibility here falls on me for not having reviewed the code at the beginning, or running the project on a virtual machine, as I said at the beginning, perhaps it was the nerves of the "interview" and I forgot about that. Another detail that I noticed after looking at the code more closely is that the folder where the script is is ".svn" (something very familiar to those who used Subversion), but the detail here is that many folders that start with a "." gets hidden by VSCode on the file explorer, so it was harder to notice if I hadn't found the reference in the code. Luckily they haven't been able to take any information from my computer since I don't have anything related to crypto, but I have had to change all my passwords, so lesson learned. Source

Paypal Scam 2015 Screentshot: // Removed PS: change Your email in this files : LOGIN.php | INFOS.php | VBV.php | BANK.php location => secure/home/update and here is some Paypal letters // Removed

Hello, We are a small group of investors, programmers and brokers which have dedicated their time to research and development. We have developed an algorithm which allow us to safely invest at NO RISK in BITCOIN and other digital currencies through. If you want to earn some BTC fast and without hassle just check our website: time2btc.com - Home You can chose from one of the below investment options and start earning TODAY: Examples: BTC TO INVEST MULTIPLIER BTC TO BE DEPOSITED 0.01 x2 0.01002 0.05 x4 0.05004 0.1 x10 0.10010 0.5 x25 0.50025 1 x50 1.00050 Check the return on investments we made so far: Last payments - time2btc.com Regards, TIME2BTC TEAM FAQ's Pentru Romanasi , Nu e scam, nu am pus lincul meu de referal , nu nimic.. Puteti incerca, este acolo si Last payments. Totul e OK , doar trebuie sa asteptati ...

So I scam so hard muhfuckas wanna dox me dumb niggas, Im behind 7 proxies What’s 50 BTC to a muhfucka like me Blockchain please remind me? scam so hard, this shit crazy Y’all don’t know that don’t shit phase me tor updated to 4.0.2 and I took your coins to BTC-E scam so hard, the coins cleared We ain’t even s’pose to be here, scam so hard, since we here It’s only right that we be fair Psycho admins liable go evo, take your pick Verto , NSWGreat, Kimble, scammed Bitch scam so hard, got a broke clock, Rolleys that don’t tick tock Audemars that’s losing time, hidden behind all these big rocks scam so hard, I’m shocked too, I’m supposed to be locked up too you escaped what I’ve escaped You’d be in Belize getting fucked up too