Malicious repository

This is a malicious repository: https://bitbucket.org/lmng-world/teddybear_pds/src/main/

It's part of a crypto recruiter scam. They give you a "technical assessment task" and send you this repo, which includes a .vscode/tasks.json file that automatically runs some shell commands upon opening it in VS Code. This downloads some malware which they use to open a backdoor into your system in an attempt to get your wallets' private keys and drain them.

This specific one contacted me through LinkedIn, leading me on as a supposed interview process. There were several red flags, so I knew it was a scam before getting access to the code ("co-founder" doing the intro call, very odd accent for the company's supposed base location, some other things)

Stay safe out there.

1 answer

0 votes

Hi @Giovanni Effio

Thank you for reporting this - I've gone ahead and reached out to our security team who have investigate this user and de-activated their account & workspace.

In future - you may also email reports through to abuse@atlassian.com

Cheers!

- Ben (Bitbucket Cloud Support)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Was this helpful?

Thanks!

Bitbucket

DEPLOYMENT TYPE

CLOUD

PERMISSIONS LEVEL

Product Admin

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Malicious repository

1 answer

Suggest an answer

Was this helpful?

Thanks!

DEPLOYMENT TYPE

PERMISSIONS LEVEL

TAGS

Atlassian Community Events