Your reliable guide in the crypto world, providing comprehensive news and analysis on all things related to cryptocurrency.

Hackers create novel way to hide malicious code in blockchains

– Cybercriminals have found a new method to spread malware by manipulating BNB Smart Chain (BSC) smart contracts.
– The attack, known as “EtherHiding”, involves compromising WordPress websites and injecting code that retrieves partial payloads from the blockchain contracts.
– Attackers hide the payloads in Binance smart contracts, using them as anonymous free hosting platforms.
– The hackers can update the code and change the attack methods at will.
– Recent attacks have come in the form of fake browser updates, where victims are prompted to update their browsers using a fake landing page and link.
– The payload contains JavaScript that fetches additional code from the attacker’s domains, leading to full site defacement with fake browser update notices that distribute malware.
– This approach allows threat actors to modify the attack chain by swapping out malicious code with each new blockchain transaction, making it challenging to mitigate.
– Once the infected smart contracts are deployed, Binance can only rely on its developer community to flag malicious code.
– Website owners using WordPress need to be extra vigilant with their security practices.
– Web3 and blockchain bring new possibilities for malicious campaigns to operate unchecked, requiring adaptive defenses to counter these emerging threats.

Share this article
Shareable URL
Prev Post

Australian crypto exchanges look to new licensing regime with cautious optimism

Next Post

SBF and Caroline Ellison conspired to keep Bitcoin under $20K, but did it work?

Leave a Reply

Your email address will not be published. Required fields are marked *

Read next