A Web3 team claiming to be from Ukraine lured members to clone malicious code under the pretext of an interview

According to SlowMist, a community member was recently asked to clone a GitHub code repository locally during an interview with a Web3 team claiming to be from Ukraine, but the member wisely declined. Analysis shows that the code repository contains a backdoor that, if cloned and executed, would load malicious code, install malicious dependencies, steal sensitive browser and wallet data (such as Chrome extension storage, possible mnemonic words), and leak it to the attacker's server. This is a scam that uses job opportunities as a trap. Be vigilant and do not run code from unverified sources.