Feed
That is scary.
Interesting that you used AI to save yourself. I would have had 2nd thoughts at the AI generated estate agent!
Also: who has production credentials on their developer machine?? Then you are asking for it.
Stay safe out there.
Hi David, thank you for sharing your story, it made me realize I was definitely not paranoid enough... so far π
Do you know if the malware involved was platform-agnostic? For instance, could being on Linux vs Windows save the potential victim?
Hi David, thanks for sharing. I've ran the script, luckly the computer I ran the code did not hold any important information. I'll reinstall the OS. And thanks again for sharing the valuable experience.
Hi David, thanks for your posting. Can you share me with that malware JS file? I'd like to see that honestly.
I got the same treatment from a different recruiter and different company! This time they MODIFIED a npm library to hit a URL (api.mocki[.]io/v2/chopmguh/tracks/errors/190529. Its safe as LONG as you don't run the downloaded javascript, it will appear as text) and run this obfuscated code!!!
The company is another Crypto company (www.linkedin.[.]com/company/blockchain-121/) from a recruiter (www.linkedin[.]com/in/elena-blahodir/) which I have already reported to linkedin.
They also sent me to a bitbucket repo. (bitbucket[.]org/screening_assessment/mike_dex_challenge_ret/src/main/) (Just realized this thing has 3 forks~~ And the watchers of each for are questionable. Anyway another lead to chase down. )
And all the emails... they come from .outlook.com. That should been a big clue.
I unfortunately ran the code locally (facepalm), and I am trying to track down if anything malicious is happening on my machine.
I have another recruiter hitting me up from a very odd company which is following the same pattern, and I am suspecting is another one of these.
Hi David π
I'm a Lead Recruiter here at Symfa.
Thanks so much for sharing your story π.
Sadly, these kinds of scams, where people pretend to be from legitimate companies, are happening more and more. We've reported these fake profiles pretending to be our employees multiple times, but LinkedIn hasn't done anything to block them.
Here are a few things to keep in mind:
To help protect yourself from these schemes:
We're doing our best to catch and stop these scammers as fast as possible.
I would appreciate it if you could provide me with more detailed information. Could you also let me know how I can find you on LinkedIn?
Hi David, I'm Sergey Galuza β Symfa's founder. Thanks for flagging this! These scammers have nothing to do with Symfa β they just exploited LinkedIn's default setting that lets anyone add any company to their profile. We've now disabled that and added verification. If you have any additional info, I'd be happy if you share in DM so we can investigate this further. Appreciate you looking out for the dev community!
I used to work at Symfa. Yes, it wasn't the best experience, but even for them, scamming is beyond what I can imagine and believe. What I think happened to you is that a corrupt employee was involved. I can't find that Mykola on LinkedIn right now (as of 2025.10.16). I suppose he either worked there and was fired after the incident, or he never existed: just a fake account connected to the company. In any case, they covered the whole thing up. Obviously, they need to check who theyβre connected to in their profile. It just means we need to be suspicious of people. Since the Mitnick era, not much has changed.
It seems like they were quite prepared. I'd say the screenshots, especially the LinkedIn profile and messages look pretty convincing. Usually, scammers are sloppy, they don't use Calendly, and you can often spot things like odd punctuation in their comments. But these guys seem professional.
One red flag for me is that I never do coding challenges before having at least one face-to-face video call. That filters out a lot of scammers.
So, did you show for the interview just to see if they would?
I'm guessing they just didn't turn up.
bryan Karasugashima
I mean the logo of "BE BRAVE LIKE UKRAINE" and f*cking ---->MYKOLA<--- Yanchii should ring all the alarm bells you needed, its well known and documented in news articles how Ukranda is running all kinds of massive scam operation to fund their futile war and bankrupt government. Dont believe me? just do a search on google or yandex to get both sides of the coin. Adi would heavily question even the "Founder" and "recruiter" in the comments.