Марія Бровінська Work 18 April 2025, 17:31

"The trick is in the homework stage." The developer spoke about a new fraudulent scheme under the guise of recruiting IT professionals

Software Engineer Serhiy Digtyar described a new fraud scheme that IT professionals can easily fall into. Through alleged recruitment, scammers collect data from candidates' computers and steal cryptocurrency.

Leave a comment

"The trick is in the homework stage." The developer spoke about a new fraudulent scheme under the guise of recruiting IT professionals

Software Engineer Serhiy Digtyar described a new fraud scheme that IT professionals can easily fall into. Through alleged recruitment, scammers collect data from candidates' computers and steal cryptocurrency.

«Beware, a new scam for IT professionals! Recently, a very cunning scam has appeared that targets developers, especially mid- and high-level ones. The scheme looks very convincing, so I’m sharing the details to protect others,» he wrote and explained step by step what the scammers came up with.

A recruiter or company founder writes to you and offers to join a global AI/Blockchain/VR/AR project.
Then they throw in a Google Doc with a description of the project. Everything is nicely laid out there: stack, duration, role. But what immediately catches your eye is a table with salaries for different positions.
Then they ask for a resume, ask about the desired position and salary expectations. And they say they have a «simple three-step hiring process»: resume screening, homework assignment (based on their repository), final interview + NDA.

« The trick is in the homework stage. They give you a link to the GitHub repository of the project, which you have to clone and run locally. But inside there is a hidden script that, when launched, tries to read data from your computer (including wallets like MetaMask, Keplr, Ledger, etc.) and simply steals your cryptocurrencies,» the developer said.

HR defrauded a tech company of $22 million: what the fraudulent manager came up with

"I discovered very interesting code outside the working visibility zone." Senior Frontend Developer told how he encountered fraud - a project that looked quite clear from the outside hid a threat. And IT professionals say such cases are not uncommon.