Back to List
LinkedIn Job Offer Security Alert: Developer Discovers Hidden Backdoor in Malicious GitHub Coding Task
Industry NewsCybersecurityLinkedInNode.js

LinkedIn Job Offer Security Alert: Developer Discovers Hidden Backdoor in Malicious GitHub Coding Task

A developer recently exposed a sophisticated backdoor embedded in a GitHub repository shared by a recruiter on LinkedIn. The recruiter, purportedly representing a crypto startup, invited the developer to review a codebase to address "deprecated Node modules." By utilizing a secure VPS and an AI agent for inspection, the developer identified malicious code hidden within a test file. The script assembles a remote URL from fragmented strings to fetch and execute payloads from a command-and-control server. The attack is designed to trigger automatically through the "prepare" script in the project's package.json file. This incident serves as a critical warning for technical professionals regarding social engineering and the risks of running untrusted code from potential employers.

Hacker News
Share

Key Takeaways

  • Social Engineering Lure: Attackers are using LinkedIn recruitment messages from fake crypto startups to target developers with malicious coding tasks.
  • Obfuscated Backdoor: The malicious code was hidden within a test file (app/test/index.js), using fragmented strings to assemble a command-and-control URL and bypass static analysis.
  • Automated Execution: The backdoor leverages the prepare script in package.json to execute automatically when dependencies are installed or the project is initialized.
  • Defensive Methodology: The discovery was made possible by using a throwaway VPS and an AI agent in read-only mode to audit the codebase before execution.

In-Depth Analysis

The Social Engineering Tactic

The incident began with a standard professional outreach on LinkedIn. A recruiter from a small crypto startup contacted developer Roman Imankulov, engaging in a multi-day conversation to build rapport. The recruiter described a "broken proof-of-concept" and requested a lead engineer's expertise to review a public GitHub repository. Specifically, the developer was asked to investigate an issue regarding "deprecated Node modules."

This specific request is a clever form of social engineering. By framing the task as a routine maintenance issue (updating modules), the attacker lowers the target's guard. Developers frequently clone and install dependencies to test such issues, which is exactly what the malicious repository was designed to exploit.

Technical Breakdown of the Backdoor

Upon inspecting the repository, which appeared to be a standard React frontend with a Node.js backend, the developer identified a suspicious file at app/test/index.js. This file contained approximately 250 lines of code disguised as a legitimate test suite. However, buried within walls of commented-out tests was a mechanism to assemble a URL from discrete fragments:

  • protocol: "https"
  • domain: "store"
  • separator: "://"
  • path: "/icons/"
  • token: "77"
  • subdomain: "rest-icon-handler"

When combined, these fragments form the URL: https://rest-icon-handler.store/icons/77. The script then includes a payload on line 225 that is designed to execute whatever data or commands the server at that URL sends back to the local machine. By fragmenting the URL and hiding the execution logic among commented code, the attackers aimed to evade automated security scanners and casual manual reviews.

The Trigger: Exploiting NPM Lifecycle Scripts

The most dangerous aspect of this backdoor is its automation. The developer discovered that the malicious code does not wait for a user to manually run tests. Instead, it is integrated into the application's startup lifecycle through package.json and app/index.js.

The main entry point, app/index.js, contains the statement const test = require('./test'). In Node.js, requiring a file executes the code within that file. Furthermore, the package.json file was configured with a prepare script. The prepare script is a lifecycle hook that runs automatically during npm install or before a package is packed and published. In this repo, the prepare script was set to run app:pre, which in turn executed node app/index.js, effectively triggering the backdoor the moment a developer attempted to set up the project.

Industry Impact

Risks to the Developer Community

This incident highlights a growing trend where professional platforms like LinkedIn are weaponized to deliver malware. For developers, the standard practice of performing "take-home" assignments or code reviews for potential employers now carries significant security risks. If a developer had followed the recruiter's instructions on their local machine, the backdoor could have granted the attackers full access to their development environment, including private keys, source code, and personal credentials.

The Role of AI in Security Auditing

The use of an AI agent (Pi) to audit the code in a sandboxed environment demonstrates a new frontier in defensive security. By providing the AI with read-only access to the codebase and specific instructions to flag suspicious patterns, the developer was able to identify the threat without manual line-by-line inspection of the entire repository. This suggests that AI-assisted code review may become a standard safety protocol for developers interacting with untrusted third-party repositories.

Implications for Repository Hosting Services

The fact that a public GitHub repository was used to host a backdoor disguised as a coding task puts pressure on platforms to improve their detection of malicious lifecycle scripts. While GitHub and NPM have made strides in identifying malicious packages, the use of fragmented strings and commented-out code in a custom repository remains a difficult challenge for automated detection systems.

Frequently Asked Questions

Question: How did the developer safely inspect the malicious code?

Instead of cloning the repository to a local machine, the developer used a throwaway Virtual Private Server (VPS) on Hetzner. They then utilized an AI agent in read-only mode with limited tools (read, grep, find, ls) to scan the codebase for suspicious activity, ensuring the code could not execute during the inspection process.

Question: Why was the backdoor hidden in a test file?

Attackers often hide malicious code in test directories because these files are frequently overlooked during manual reviews. By disguising the payload as part of a test suite and surrounding it with commented-out code, the attackers hoped it would be dismissed as non-functional or legacy code by the developer.

Question: What is the significance of the "prepare" script in this attack?

The prepare script is a built-in NPM lifecycle hook. By wiring the malicious code into this script, the attackers ensured that the backdoor would run automatically as soon as the developer ran npm install or any other command that triggers the preparation phase, requiring no further action from the victim to compromise the system.

Read Original Article

Related News

Meituan Technical Team Showcases Six Research Papers at ACL 2026 Highlighting LLM Evaluation and Reasoning Optimization
Industry News

Meituan Technical Team Showcases Six Research Papers at ACL 2026 Highlighting LLM Evaluation and Reasoning Optimization

The Meituan technical team has announced the acceptance of six research papers at the ACL 2026 conference, a premier international event for computational linguistics and natural language processing. These papers cover a broad spectrum of cutting-edge AI domains, including large model evaluation, complex process reasoning, and the optimization of competition-level mathematical thinking. Additionally, the research explores advancements in reinforcement learning and the development of generative recommendation systems. By focusing on these critical areas, Meituan aims to establish a new paradigm for generative AI, addressing fundamental challenges in model performance, logical reasoning, and practical application. This contribution underscores Meituan's commitment to advancing the state of NLP and its integration into complex service ecosystems through rigorous academic research and technical optimization.

Meituan LongCat Releases General 365: A New Benchmark for AI Reasoning Evaluation
Industry News

Meituan LongCat Releases General 365: A New Benchmark for AI Reasoning Evaluation

The Meituan LongCat team has officially launched General 365, a rigorous new benchmark designed to evaluate the reasoning capabilities of artificial intelligence models. In an initial assessment of 26 mainstream models, the results reveal a significant performance gap in the industry. Google's Gemini 3 Pro, currently regarded as the strongest performer, achieved an accuracy rate of only 62.8%. Notably, the vast majority of the models tested failed to reach the 60% passing threshold, highlighting the intense difficulty of the General 365 evaluation. This release by Meituan sets a new standard for measuring high-level cognitive tasks in AI, suggesting that current large language models still face substantial hurdles in complex reasoning scenarios.

Managing AI Coding at Scale: Lessons from Refactoring 310,000 Lines of Code Using Agent Evaluation Logic
Industry News

Managing AI Coding at Scale: Lessons from Refactoring 310,000 Lines of Code Using Agent Evaluation Logic

As AI-generated code begins to account for over 90% of development output, the primary challenge for engineering teams shifts from production speed to systemic governance. This article details the Meituan Technical Team's experience in refactoring 310,000 lines of code by applying Agent evaluation principles to AI coding management. By focusing on technical debt sorting, rule construction, standardized operating procedures (SOPs), and a Pre-PR mechanism, the team successfully addressed the risk of AI-amplified chaos. The approach transforms large-scale refactoring from a high-cost, specialized project into a sustainable, daily iterative process. This framework ensures that AI remains a tool for improvement rather than a source of technical debt, providing a blueprint for enterprise-level AI integration in software development.