💥 The most expensive
About a month ago, an HR manager messaged me on LinkedIn. His profile looked perfectly legit: a real photo, a clear description, around 500 connections, and even a few mutual contacts I personally knew.
He mentioned a Web3 position: fully remote, minimal requirements, and an exact match for my stack. One of those rare dream offers that seem to appear out of nowhere.
I sent my CV, and he replied almost instantly: “Great! You can start with the test assignment right away.”
It felt a bit odd; no interview, no call; just “do the test.” But the task looked harmless: just review a small project. So I cloned the repo, ran it locally… and didn’t think twice.
⏳ A few hours later, I opened my crypto wallet and froze. The balance was almost zero.
There were no phishing links. No fake websites. No suspicious approvals. Just… gone.
After a long night of digging through the code, I finally found the reason. The project contained a malicious dependency, a hidden script that ran automatically on startup. It quietly collected environment variables, wallet data, and session tokens, then sent them to a remote server.
That moment cost me $25,000 and completely changed how I work.
🧠 Since then:
• I run unknown projects only in Docker or a VM.
• I check every dependency before running
• All my real funds stay cold on Ledger.
Because developer security isn’t just about strong passwords or VPNs. Sometimes it’s about one small decision, whether or not to press npm start.
💬 Losing $25k was painful. But losing trust in what used to feel like a normal part of my job was even harder.
If you work in Web3 or deal with wallet integrations, please learn from my mistake.
𝐧𝐩𝐦 𝐬𝐭𝐚𝐫𝐭 of my life.About a month ago, an HR manager messaged me on LinkedIn. His profile looked perfectly legit: a real photo, a clear description, around 500 connections, and even a few mutual contacts I personally knew.
He mentioned a Web3 position: fully remote, minimal requirements, and an exact match for my stack. One of those rare dream offers that seem to appear out of nowhere.
I sent my CV, and he replied almost instantly: “Great! You can start with the test assignment right away.”
It felt a bit odd; no interview, no call; just “do the test.” But the task looked harmless: just review a small project. So I cloned the repo, ran it locally… and didn’t think twice.
⏳ A few hours later, I opened my crypto wallet and froze. The balance was almost zero.
There were no phishing links. No fake websites. No suspicious approvals. Just… gone.
After a long night of digging through the code, I finally found the reason. The project contained a malicious dependency, a hidden script that ran automatically on startup. It quietly collected environment variables, wallet data, and session tokens, then sent them to a remote server.
That moment cost me $25,000 and completely changed how I work.
🧠 Since then:
• I run unknown projects only in Docker or a VM.
• I check every dependency before running
npm install. • All my real funds stay cold on Ledger.
Because developer security isn’t just about strong passwords or VPNs. Sometimes it’s about one small decision, whether or not to press npm start.
💬 Losing $25k was painful. But losing trust in what used to feel like a normal part of my job was even harder.
If you work in Web3 or deal with wallet integrations, please learn from my mistake.
🔥2👍1😁1
@obkeberbot ishlatib ko'rib feedback qoldiringsizlar do'stlar productionga chiqardik
B2B bizneslar uchun asosan bu loyihamiz. Korzinka bilan hamkorlikda
@obkeberbot
B2B bizneslar uchun asosan bu loyihamiz. Korzinka bilan hamkorlikda
@obkeberbot
🔥5
Bugun faqat manda potensial yo'qmi yoki silardayammi?
Ha - 🔥
Mandayam shu ahvol - ⚡️
Yo'q manda hammasi yaxshi - 🧑💻
Ha - 🔥
Mandayam shu ahvol - ⚡️
Yo'q manda hammasi yaxshi - 🧑💻
🔥26👍2🥰2😁1
Forwarded from Nuruddin Blogs
Cheatingni oldini olish uchun tech interviewlarda ko’zingni yumib javob ber deyishayotgan ekan. Qiziq a.
@nuruddinblogs
@nuruddinblogs
❤2
99% insonlardan o'tib ketib 1% lar ichida bo'lish xaritasi!
https://www.youtube.com/watch?v=Yu19w8A9n8A
https://www.youtube.com/watch?v=Yu19w8A9n8A
😁5👍2
Serveringiz BRUTEFORCE bo'lib miner fayllar ishga tushirib qo'yilmadimi?
❤2
UzGeeks Community - 10 yoshda🎉
Kimga jo'natishni bilasiz))
Qancha vaqtiz ketsa ham loyihalarni docker da kotaring, serverizga password kirishni ochirib faqat ssh orqali kirishni yoqib qoying bolar bolmas third party package larni ornatib tashamang
Xulosa: ozingni ehtiyot qil qoshingni ogri tutma
Xulosa: ozingni ehtiyot qil qoshingni ogri tutma
Dasturchida ham boladi qaysidir loyihasiga astoydil mehr berib qiladi hamma detaligacha etibor bilan juda sinchkovlik bilan qiladi boshqacha yaxshi koradi.
Mandayam bolgan shunaqa holat. Man JoinPoint startupimizga juda boshqacha mehr berganman yaxshi korib kod yozganman hamma joyiga sinchkovlik bilan etibor bilan yondashganman. Hozir esa shunchaki startupimiz yaxshigina userlari borligini anchagina summada pul aylanganini mashhur insonlar bilan taniqli bilimli ilmli insonlar bilan ishlayotganimmi korib mazza qilaman. Ha desa. Man qurganman shu loyihani deymanda. Bugun esa Najot Talim ga sotuv qildik aslida maqtanadiganmas lekin man ozim shu talim markazini bitirib shu darajaga yetib yana ozlariga sotganimiz boshqacha
emotsiya berdi🥹
Aytmoqchimanki hozir qilayotgan mehnatingiz albatta qachondir oz mevasini berarkan)
Mandayam bolgan shunaqa holat. Man JoinPoint startupimizga juda boshqacha mehr berganman yaxshi korib kod yozganman hamma joyiga sinchkovlik bilan etibor bilan yondashganman. Hozir esa shunchaki startupimiz yaxshigina userlari borligini anchagina summada pul aylanganini mashhur insonlar bilan taniqli bilimli ilmli insonlar bilan ishlayotganimmi korib mazza qilaman. Ha desa. Man qurganman shu loyihani deymanda. Bugun esa Najot Talim ga sotuv qildik aslida maqtanadiganmas lekin man ozim shu talim markazini bitirib shu darajaga yetib yana ozlariga sotganimiz boshqacha
emotsiya berdi🥹
Aytmoqchimanki hozir qilayotgan mehnatingiz albatta qachondir oz mevasini berarkan)
❤7
Har kuni kodlardan video lavhalar umuman hozirgi qurayotgan startupimiz OBKEBER loyihasidagi jarayonlarni, kodlar yechimlar buglar logikalar haqida IT kompaniyadagi holat haqida coworking markazimiz haqida videolar ulashib tursam qiziq boladimi?
🔥1
This media is not supported in your browser
VIEW IN TELEGRAM
❤2🔥2👍1
This media is not supported in your browser
VIEW IN TELEGRAM
Obkeber loyihamizda yangi buyurtma yigish jarayoni)
EPA kompaniyasi buyurtmasi)
EPA kompaniyasi buyurtmasi)
🔥7👍3❤2
This media is not supported in your browser
VIEW IN TELEGRAM
😁3👍2
Bugun OBKEBER startupimizni Taqdimotga olib keldik. Duo qilib turinglar yaxshi natijalar bilan qaytish nasib qilsin
👍8🔥2