I was asked to install malware during a fake interview
3 hours ago
- #Cybersecurity
- #Malware Scams
- #Social Engineering
- Author receives LinkedIn offers for technical advisor roles that are malware scams.
- First scam: 'Johan Bulenes' and 'Steve Bullard' share a GitHub repo prompting npm install to trigger malware.
- Claude analysis reveals malicious code via VS Code tasks, env exfiltration, RCE, and auth bypass.
- Second scam: 'Russell Moronko' shares a Bitbucket repo with backdoor via errorHandler for RCE.
- Scammers block the author after confrontation, similar to North Korea-linked DeFi scams.
- Tips to spot scams: avoid public repos without NDAs, check repo activity, and use sandboxes/VMs for npm install.