"Blockchain Dev's Wallet Emptied in 'Job Interview' Using npm Package"

A "recruiter" approached a blockchain developer on LinkedIn about a web development job and asked him to download npm packages from a GitHub repository; shortly afterwards the developer's MetaMask wallet was emptied. Legitimate technology interviews often include a take-home exercise or proof-of-concept (PoC) assignment that involves writing or debugging code, which makes this lure convincing even to technically savvy targets such as developers. An Istanbul-based bug bounty hunter speculated that the npm projects effectively paved the way for the attacker to deploy a reverse shell by opening port 5000 on the developer's machine and listening for connections. The article goes on to discuss findings and theories regarding the incident.

Bleeping Computer reports "Blockchain Dev's Wallet Emptied in 'Job Interview' Using npm Package"

Submitted by grigby1