A user was hacked while applying for a Web3 job. The attacker posed as @seracleofficial and asked job applicants to review the code on Bitbucket. After the victim cloned and ran the code, the malicious program immediately scanned all the local .env files, stealing sensitive information including private keys.
Security expert SlowMist Cosine @evilcos pointed out that this kind of backdoor is a typical "stealer", which collects all kinds of private information on the user's computer, including passwords saved by the browser, mnemonic words and private keys of encrypted wallets. Experts specifically remind that the analysis of suspicious code must be carried out in a separate environment to prevent attacks.
Slow Mist Cosine: Web3 job seekers encounter code review traps
2025-12-04 02:12:04
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.