Hacken: There are scammers posing as project parties to induce developers and auditors to download suspicious repositories. Please be aware of the ri

Bitget App

Trade smarter

Cointime2023/12/02 08:39

By:Cointime

Blockchain security organization Hacken has recently discovered a scam that has emerged on platforms such as Telegram and Linkedin. It is worth noting that this scam targets developers and auditors in the cryptocurrency industry.

Specifically, scammers on social networks specifically target individuals who provide technical services, convincing them to download a repository in the name of a legitimate project. In the repository, there is an unstable "npm run" command in the code. When executed, it may jeopardize the user's file system. This method is similar to previous scams involving fraudulent zip files and PDFs.

To strengthen defense against this strategy, consider the following measures:

- Be cautious when downloading repositories, especially when prompted by unfamiliar sources;

- Carefully check repository code using tools such as Semgrep or CodeQL and establish defined rules to ensure its safety when executed locally.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.

APR up to 10%. Always on, always get airdrop.

Lock now!

Share link:In this post: Cardano has deployed its first zero-knowledge smart contract on the mainnet through the use of the Halo 2 zkSNARKs. The technology allows for secure and private verification of computations with the help of the network without disclosing sensitive information. ADA recently crossed the $1 level and went as high as $1.15 before a 17% drop.

Cryptopolitan•2024/11/27 03:33