So many types of social engineering hacks, targeting web3 developers 💀

Picture this. You’re chilling, shipping features, maybe fixing a random “gas estimation failed” bug for the 4th time this day. Then a DM lands: “Hey, we’re doing an NFT project and need someone like you to help us.” “Loved your GitHub profile. I see a lot of contribution you made. Do you want to contribute in our project?” “Your repo is vulnerable. Here’s a PR to fix it.” And because you’re a builder, you do the builder thing: You clone, run, click, and merge. Congratulations, you just got socially engineered. Alright, shall we begin :) Why Web3 devs get targeted so hard Short answer: because you don’t just have the code, you have the access! Something like: deployer keys (or the machine that touches them) CI secrets (that can publish packages, push image) priviledged social media like Discord/Telegram that can “announce” and so on They can just break your workflow. In Web3, the fastest way to drain funds is not a re-entrancy bug. It’s a developer having a normal day. The menu of attac

So many types of social engineering hacks, targeting web3 developers 💀

Related Articles

Android Remote Compose：讓 Android UI 不用發版也能更新

Learn Something Old Every Day, Part XVIII: How Does FPU Detection Work?

“Learn to Code” Is Dead… Learn to Think Instead

How One File Makes Claude Code Actually Follow Your Instructions

LeetCode Solution: 121. Best Time to Buy and Sell Stock

Related Articles

How-To
Android Remote Compose：讓 Android UI 不用發版也能更新
Medium Programming • 3d ago

How-To
Learn Something Old Every Day, Part XVIII: How Does FPU Detection Work?
Lobsters • 3d ago

How-To
“Learn to Code” Is Dead… Learn to Think Instead
Medium Programming • 3d ago

How-To
How One File Makes Claude Code Actually Follow Your Instructions
Medium Programming • 3d ago

How-To
LeetCode Solution: 121. Best Time to Buy and Sell Stock
Dev.to Tutorial • 3d ago