2 points | by edweis 2 days ago
1 comments
once he “got hired,” they invited him into a fake Slack workspace full of AI-generated “team members.”
they gathered as much personal info as possible (address, birthdate, citizenship). This has resale value too (identity theft).
The next step (that he never reached) would have been:
“Here’s our codebase for you to set up locally.”
Malicious repo or zip file disguised as project onboarding.
Code runs → quietly steals his wallet keys and credentials.
once he “got hired,” they invited him into a fake Slack workspace full of AI-generated “team members.”
they gathered as much personal info as possible (address, birthdate, citizenship). This has resale value too (identity theft).
The next step (that he never reached) would have been:
“Here’s our codebase for you to set up locally.”
Malicious repo or zip file disguised as project onboarding.
Code runs → quietly steals his wallet keys and credentials.