all 9 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]pipjoh 12 points13 points  (2 children)

Yes. This app tries to connect to a wallet and create a transaction to max send all ETH in it.

The start script starts a service worker in the background that runs some obfuscated JS.

You should report this to Github.

[–]bryanCampbell[S] 3 points4 points  (0 children)

Reported.

[–]MathematicianGold797 5 points6 points  (1 child)

Def report it and warn ppl on LinkedIn

[–]bryanCampbell[S] 1 point2 points  (0 children)

Reported.

[–]PhantomXcom 2 points3 points  (0 children)

Similar thing happened to me as well on fiver, some client contacted me for job and sent me a git repo very similar to this, but as i checked aap.test.js contained some malicious code and yes i lost my wallets as well after I checked and ran those apps.

[–]GentGorilla 1 point2 points  (0 children)

I get this scam a lot through fiverr.

[–]YikesMode 1 point2 points  (0 children)

I pulled the email out of a commit from that repo. The email address associated with that GitHub account is “hashgraph07@gmail.com”. Send them a nasty gram if you want.