EtherHiding: Hackers create novel way to hide malicious code in blockchains

Posted under: Fintech
Date: 2023-10-18
EtherHiding: Hackers create novel way to hide malicious code in blockchains

Cybercriminals are exploiting Binance Smart Chain (BSC) smart contracts in a method called "EtherHiding" to spread malware. Guardio Labs security researchers unveiled this technique, revealing that it involves compromising WordPress websites with code that retrieves payloads from blockchain contracts. These payloads are concealed in BSC smart contracts, serving as anonymous hosting platforms. Attackers can update and alter their methods at will. Recent attacks involve fake browser updates, luring victims to a fake page, ultimately leading to full site defacement and malware distribution. The adaptability of this attack makes it challenging to combat. Binance relies on its developer community to detect malicious code in contracts. Guardio Labs warns that Web3 and blockchain open the door for unchecked malicious campaigns, emphasizing the need for adaptive defenses.

Read more at: cointelegraph.com