← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Threat Intelligence: Uncovering a Web3 Interview Scam
WHITE CyberHunter_NL 2025-08-13 Modified: 2025-09-12
21
IOCs
MEDIUM VOLUME
npm packagelicense filechromebraveoperapython scriptscriptgithubunited nationsweb3 interviewjokercrypto
Indicators of Compromise (21)
All FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 af46c7917f04a9039eb0b439a7615ec07b7ad88048cb24fe23c454c16dffcd57 2025-08-13
URL http://144.172.112.106:1224/client/5346/64 2025-08-13
URL http://144.172.112.106:1224/pdown 2025-08-13
URL http://172.86.64.67/api/service/makelog 2025-08-13
URL http://172.86.64.67/api/service/process/ 2025-08-13
URL http://172.86.64.67:4181 2025-08-13
URL http://172.86.64.67:4186/upload 2025-08-13
URL http://172.86.64.67:4187/upload 2025-08-13
URL http://172.86.64.67:4188/upload 2025-08-13
URL https://api.npoint.io/96979650f5739bcbaebb 2025-08-13
domain bhex.sg 2025-08-13
hostname api.npoint.io 2025-08-13
URL https://github.com/EvaCodes-Community/UltraX 2025-08-13
URL https://github.com/EvaCodes-Community/UltraX. 2025-08-13
URL https://github.com/kylengn/UltraX 2025-08-13
URL https://github.com/taqveemahsan/UltraX 2025-08-13
URL https://github.com/zinping/Pain_project 2025-08-13
URL https://registry.npmjs.org/rtk-logger/-/rtk-logger-1.11.5.tgz 2025-08-13
URL https://www.npmjs.com/package/redux-ace 2025-08-13
URL https://www.npmjs.com/package/rtk-logger 2025-08-13
URL https://x.com/SlowMist_Team/status/1954037572239602113 2025-08-13
References (1)
↗ https://slowmist.medium.com/threat-intelligence-uncovering-a-web3-interview-scam-bb366694b7f3