Runjak.codes: An adversarial coding test
3 months ago
- #security
- #job-search
- #phishing
- Author encountered a suspicious coding test from a company named Solvolabs.
- Discovered malicious scripts in the repository's history, designed to download and execute unauthorized code.
- Scripts fetched from various domains (codeviewer-three.vercel.app, jerryfox-platform.vercel.app, vscode-lnc.vercel.app) were part of a potential phishing or malware attack.
- The scripts included steps to authenticate, download, and execute further malicious payloads with short-lived JWTs.
- Author reported the malicious GitHub organization and domains to GitHub and Vercel.
- Reflects on the ease of falling for phishing attempts despite vigilance and the importance of being cautious during job searches.