Web3 and software developers already face enough challenges in today’s job market. Between fake job listings, unpaid take-home assignments, and AI-generated spam, finding legitimate opportunities has become increasingly difficult. Unfortunately, a new GitHub recruitment scam is making things even worse.
Today I applied for what looked like a blockchain recruitment position and received the following hiring instructions.

The company claimed to be looking for a recruiter who could source Blockchain, Cryptocurrency, and Web3 developers. Recruiters were free to use any platform or community to find candidates. However, applicants from several countries, including India, Pakistan, Bangladesh, Nepal, Sri Lanka, Vietnam, and all African countries, were explicitly excluded.
The suspicious part came during the so-called evaluation process.
Instead of conducting interviews or reviewing portfolios, the company instructed recruiters to send developers to a GitHub repository. Candidates would clone the repository, run the project locally, and the application would supposedly report back to the company’s dashboard.
According to the document, the dashboard would automatically collect information such as the candidate’s computer name, country, and a “performance score.” Recruiters would then be paid based on that score, with higher scores earning larger commissions and bonuses.
The instructions became even more alarming when they encouraged recruiters to target anyone capable of running a MERN stack project who also owned cryptocurrency, even if they had no blockchain development experience.
If a company is asking unknown developers to download and execute code from an untrusted repository, especially while mentioning cryptocurrency ownership, care is needed. Legitimate employers do not evaluate candidates by collecting machine information through locally executed software.
Another interesting detail is the restriction on candidates from countries where cryptocurrency adoption and investment levels may be lower. It suggests that the scammers are intentionally targeting developers who are more likely to have crypto assets or valuable development environments.
Where did I find this job? On Freelancer.com, a platform that unfortunately continues to struggle with moderation of fraudulent job postings. At the time of writing, this listing is still live.
The easiest way to avoid scams like this is simple. Never run code from an unknown GitHub repository unless you completely trust the source and understand exactly what the project does. If a hiring process begins with downloading a ZIP file or cloning an unfamiliar repository before you’ve even spoken with the company, treat it as suspicious.
Developers already dislike lengthy take-home assignments. Companies should avoid making candidates jump through unnecessary hoops because it also makes these scams easier to disguise as legitimate hiring processes.
AI has made phishing and recruitment scams far more convincing in 2026. Staying skeptical is no longer optional.
I am GurayWebPro, and I write about freelancing, software development, and technology careers. If this article helps even one developer avoid running a malicious project, then it was worth writing.
Stay safe, verify every opportunity, and never execute questionable code just because someone claims it is part of an interview.









Recent Comments