Hacker NewsThese past months, I've seen several social media posts about people getting scammed during coding challenges or take-home tests. The cases usually involve cloning a GitHub repository that claims to contain the coding challenge and being asked to run the code, which actually contains malware or steals your data.
Do you have any advice on how to protect ourselves from this? Are there any recommended tools to scan such code? Is regular antivirus software sufficient?
I've seen several suggestions, such as always running this type of code in a VM or emulator. However, I think this solution only isolates the environment. Ideally, we need a way to determine if the code is malicious so we can decide to abandon the interview if it already seems suspicious.
loading...