Comment by codingdave

5 months ago

I'm seeing red flags all over the story. "Blockchain" being the first one. The use cases for that are so small, it is a red flag in and of itself. Then asking you to run code before a meeting? No, that doesn't "save time", that is driving you to take actions when you don't yet know who is asking.

Still, I appreciate the write-up. It is a great example of a clever attack, and I'm going to watch out more for such things having read this post.

Doing this in the context of blockchain is probably a filter. Only folks who don't think this is all a scam anyway would apply there. So you filter for getting the more gullible folks. That are more likely to have a wallet somewhere.

Just like Nigerian prince scams are always full of typos and grammar issues. Because only those not recognizing that as obvious scams click the link and thereby this is a filter to increase signal to noise for the scammers.

  • Someone applying to a blockchain company is probably also more likely to own a valuable crypto wallet the attacker might be able to access.

  • That’s a rude way to put it. I think crypto is full on BS but I have many very smart, self aware friends who are into blockchain.

    What this is is a strong filter for people likely to have crypto wallets on their dev machines.

    • A freelance crypto developer is likely to have access to repos of other blockchain projects; once his machine is compromised the attackers may be able to push malicious code to other repos and spread the virus or execute an attack like the one on Safe.

    • > I think crypto is full on BS but I have many very smart, self aware friends who are into blockchain.

      Smarts have little to do with this. You can be smart and still not see that it's BS. Or you are smart, see it's BS and still think it's a good way to make money (by essentially ripping off those who don't see that it's BS). Or you just don't care and it's just a job. Fine too, everybody draws a line for themselves with what's acceptable. Some don't work in weapons, some not in nuclear, some not in crypto.

      > What this is is a strong filter for people likely to have crypto wallets on their dev machines.

      A dev that keeps a live wallet with anything but toy money on their dev machine may have other problems. Bringing me back to my original point from above that this is a filter.

For better or worse, there are still many people working on crypto and in the blockchain space. They are probably much more likely than the average developer to have crypto wallets to steal. It sounds like the author is one of those people. The attacker picked the victim carefully.

That said, this attack could be retargeted to other kinds of engineers just by changing the LinkedIn and website text. I will be more paranoid in the future just knowing about it.

> I'm seeing red flags all over the story. "Blockchain" being the first one.

Agreed. That would have forced me to abort the proceedings immediately.

During the height of blockchain, there were plenty of good, legitimate jobs. The things they were building were some combination of inane, criminal, or stupid, but the jobs themselves were often quite real. I knew more than one person being paid $300k+/yr building something completely stupid like a collectible pet dragon breeding simulator because a VC thought it had a decent chance of being the next monkey coin or something. Sure, you had to get a new job every six months as each VC ran out of money, and sure you were making the world a worse place, but hey, it's a living.

> Then asking you to run code before a meeting? No, that doesn't "save time", that is driving you to take actions when you don't yet know who is asking.

Great point, thanks for sharing!

A "legitimate" blockchain company wants me to run their mystery code on my PC for a job. Yeah. Full stop right there. Klaxon alarm sounding incoming attack.

I've noticed that I'm commenting a lot lately on the naivety of the average HN poster/reader.