TechFlow news, on December 4, a user was attacked while applying for a Web3 position. The attacker impersonated @seracleofficial and asked the applicant to review code on Bitbucket. After the victim cloned and executed the code, malicious programs immediately scanned all local .env files, stealing sensitive information including private keys.
Security expert Yu Cosine from SlowMist @evilcos pointed out that this type of backdoor is a typical "stealer" designed to collect various private data from users' computers, including saved browser passwords, cryptocurrency wallet mnemonic phrases, and private keys. The expert specifically warned that suspicious code must be analyzed in an isolated environment to prevent attacks.
Add to Favorites
Share to Social Media
