Hackers create novel way to hide malicious code in blockchains

1 year ago CryptoExpert
Hackers create novel way to hide malicious code in blockchains


Cybercriminals have discovered a new way to spread malware to unsuspecting users, this time by manipulating BNB Smart Chain (BSC) smart contracts to hide malware and disseminate malicious code.

A breakdown of the technique known as “EtherHiding” was shared by security researchers at Guardio Labs in an Oct. 15 report, explaining that the attack involves compromising WordPress websites by injecting code that retrieves partial payloads from the blockchain contracts.

The attackers hide the payloads in BSC smart contracts, essentially serving as anonymous free hosting platforms for them.

The hackers can update the code and change the attack methods at will. The most recent attacks have come in the form of fake browser updates, where victims are prompted to update their browsers using a fake landing page and link.

Binance

The payload contains JavaScript that fetches additional code from the attacker’s domains. This eventually leads to full site defacement with fake browser update notices that distribute malware.

This approach allows the threat actors to modify the attack chain by simply swapping out malicious code with each new blockchain transaction. This makes it challenging to mitigate, according to Nati Tal, head of cybersecurity at Guardio Labs, and fellow security researcher Oleg Zaytsev.

Once the infected smart contracts are deployed, they operate autonomously. All Binance can do is rely on its developer community to flag malicious code in contracts upon discovery.

Contract address flagged for scam activity. Source: Guard.io

Guardio stated that website owners using WordPress, which runs roughly 43% of all websites, need to be extra vigilant with their own security practices before adding:

“WordPress sites are so vulnerable and frequently compromised, as they serve as primary gateways for these threats to reach a vast pool of victims.”

Related: Crypto investors under attack by new malware, reveals Cisco Talos

The firm concluded that Web3 and blockchain bring new possibilities for malicious campaigns to operate unchecked. “Adaptive defenses are needed to counter these emerging threats,” it said.

Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.

Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis



Source link

Fiverr

More Stories

Kalshi traders place the odds of US recession in 2025 at over 61%

Kalshi traders place the odds of US recession in 2025 at over 61%

14 hours ago CryptoExpert
Crypto market bottom likely by June despite tariff fears: Finance Redefined

Crypto market bottom likely by June despite tariff fears: Finance Redefined

2 days ago CryptoExpert
Binance co-founder Changpeng Zhao to advise Kyrgyzstan on blockchain tech

Binance co-founder Changpeng Zhao to advise Kyrgyzstan on blockchain tech

3 days ago CryptoExpert
North Korea tech workers found among staff at UK blockchain projects

North Korea tech workers found among staff at UK blockchain projects

5 days ago CryptoExpert
Crypto exploit, scam losses drop to $28.8M in March after February spike

Crypto exploit, scam losses drop to $28.8M in March after February spike

6 days ago CryptoExpert
South Korean crypto exchange users hit 16M in ‘saturation point’

South Korean crypto exchange users hit 16M in ‘saturation point’

7 days ago CryptoExpert

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

The Largest Bank in Hong Kong Will Introduce Tokenization

Blockchain Financial Innovation Critical for Next Industrial Revolution, Says HashKey Chair

14 hours ago CryptoExpert
Mining Difficulty Rises 6.81% as Bitcoin Hashrate Hits Record High

Mining Difficulty Rises 6.81% as Bitcoin Hashrate Hits Record High

14 hours ago CryptoExpert
Solo Bitcoin Miners Are Winning More Blocks Lately—What Gives?

Solo Bitcoin Miners Are Winning More Blocks Lately—What Gives?

14 hours ago CryptoExpert
Kalshi traders place the odds of US recession in 2025 at over 61%

Kalshi traders place the odds of US recession in 2025 at over 61%

14 hours ago CryptoExpert
You have not selected any currency to display

Pin It on Pinterest

Crypto-Moon
Binance
Crypto-Moon
Hackers create novel way to hide malicious code in blockchains
Binance
Fiverr
Kalshi traders place the odds of US recession in 2025 at over 61%
Crypto market bottom likely by June despite tariff fears: Finance Redefined
Binance co-founder Changpeng Zhao to advise Kyrgyzstan on blockchain tech
North Korea tech workers found among staff at UK blockchain projects
Crypto exploit, scam losses drop to $28.8M in March after February spike
South Korean crypto exchange users hit 16M in ‘saturation point’
BTCC
Blockfi
The Largest Bank in Hong Kong Will Introduce Tokenization
Mining Difficulty Rises 6.81% as Bitcoin Hashrate Hits Record High
Solo Bitcoin Miners Are Winning More Blocks Lately—What Gives?
Kalshi traders place the odds of US recession in 2025 at over 61%
IMX Price Drops to 2-Year Low After 30 Million Tokens Are Sold; All-Time Low in Sight
The Largest Bank in Hong Kong Will Introduce Tokenization
Mining Difficulty Rises 6.81% as Bitcoin Hashrate Hits Record High
Solo Bitcoin Miners Are Winning More Blocks Lately—What Gives?
Kalshi traders place the odds of US recession in 2025 at over 61%