
(Scams Subreddit): [Money for your] GitHub PGP keys – is this a scam? - shubb
https://www.reddit.com/r/Scams/comments/f7gwln/github_pgp_keys_is_this_a_scam/
======
shubb
Several apparent reports of someone trying to buy old de-activated github pgp
keys.

This is probably a social engineering attack - presumably the attacker is
gonna want the key pair in the hope the private key will unlock... something
else.

What is the default linux ssh key used for that would make a good target?
Personal sever instances would be hard to locate, so it is probably something
central like cloud provider authentication?

EDIT: Disappointingly, it's this [https://github.com/handshake-org/hs-
airdrop](https://github.com/handshake-org/hs-airdrop)

------
detaro
previously:
[https://news.ycombinator.com/item?id=22393687](https://news.ycombinator.com/item?id=22393687)

------
verdverm
They are after your Handshake.org airdrop

It was worth $2k last I heard

