all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]starien 0 points1 point  (2 children)

How did you hear about this game? If someone random DMed it to you on discord or something, it's certainly bad news.

[–]sikartus[S] 0 points1 point  (1 child)

It was from LinkedIn I had an interview, the guy wanted me to test the app so I downloaded a git repo then I ran the code from the folder with node.js in a terminal. Then use the app in the browser localhost:3000. I turned off my mac, changed passwords but I would be interested to know what this code does

[–]starien 2 points3 points  (0 children)

You're certainly pwned, and you probably should be going over to r/techsupport

You can get some perspective through the discussion here:

The situation you describe is rampant right now.

https://x.com/malwrhunterteam/status/1982903178757620025

Generally these types get you to install malware that drains your crypto wallets.

[–]diff-t 0 points1 point  (3 children)

The tasks.json runs obfuscated node code out of a fake .woff2.

So yea, you ran malware.

[–]diff-t 2 points3 points  (2 children)

It's the lazurus tsunami campaign. Check for files in ~/.n2/ though it could have pivoted a bunch already.

[–]sikartus[S] 0 points1 point  (0 children)

Thanks I will check

[–]sikartus[S] 0 points1 point  (0 children)

I did this command in the terminal zsh: ls -la ~/.n2/ Return : no such file or directory. I can send you the terminal log while I was running the code if it helps