🐈
» Forums » Freelancers » Very suspicious requests from new client
Page options
Georgi's avatar
Georgi G Community Member

Very suspicious requests from new client

I was invited to submit a proposal for a project yesterday and the client contacted me shortly after that. Initially everything went well, a contract was created and I was requested to review the codebase on the client's Github repository. 

This is where things started to look strange - the code in the repository had nothing to do with what we discussed previously. It contained files encoded in base64 without any obvious reason. The client kept insisting that I need to "setup the project on my computer"

When I asked the client about the strange code they told me that a friend gave them the code. 

Finally I decided to give it a try and ran did the setup process (in a virtual machine). Unsurprisingly the "code" tried to collect data from the system, mainly browser log files, cookies, possibly passwords and send them to a server somewhere.

I have been working here for years now and I never reported anyone but I think this time I should do it.

So I wanted to ask if I need to submit a support ticket for this or simply posting here will be sufficient?

3 REPLIES 3
Mykola's avatar
Mykola A Community Member

Report it via site too.

This mallware also searching for cryptowallets and deploying remote control.

Georgi's avatar
Georgi G Community Member

Yes, you are right the malware code attempted to get Metamask data too! 
I reported the conversation with the client in the Upwork chat too. 

William T's avatar
William T C Community Member

Georgi,

 

Click Support above and report.