Slow Fog Cosine: Job Seekers Fall for "Backdoor Theft" in Code Review, Private Keys Directly Swept Away

Slow Mist's Yu Xian @evilcos reminds that Web3 job seekers have encountered malicious code traps during interviews. In this incident, the attacker impersonated @seracleofficial and asked the job seeker to review and run code from Bitbucket. After the victim cloned the code, the program immediately scanned all local .env files and stole sensitive information such as private keys.

Slow Mist pointed out that such backdoors are typical stealers, capable of collecting privacy data like saved passwords in browsers, encrypted wallet mnemonics, and private keys. Experts emphasize that any suspicious code review must be conducted in an isolated environment to avoid running it directly on real devices and falling victim to attacks.