Hackers have found a clever way to spread malware by manipulating BNB Smart Chain (BSC) smart contracts, according to security researchers at Guardio Labs. They have dubbed this technique 'EtherHiding'. By compromising WordPress websites and injecting code that retrieves partial payloads from blockchain contracts, the attackers are able to hide the payloads in Binance smart contracts, essentially using them as anonymous free hosting platforms. This allows them to update the code and change attack methods at will. The most recent attacks involve fake browser updates, where victims are prompted to update their browsers using a fake landing page and link. The payload contains JavaScript that fetches additional code, leading to full site defacement and the distribution of malware.
A Challenging Threat
The ability to modify the attack chain by swapping out malicious code with each new blockchain transaction makes it difficult to mitigate this threat. According to the head of Guardio Labs for cybersecurity, Nati Tal, and security researcher Oleg Zaytsev, once the infected smart contracts are deployed, they operate autonomously, leaving Binance to rely on its developer community to flag malicious code in contracts.
WordPress Users Beware
Guardio warns that website owners using WordPress, which powers around 43% of all websites, need to be extra vigilant with their security practices. The firm emphasizes the need for adaptive defenses to counter these emerging threats, as Web3 and blockchain provide new opportunities for malicious campaigns to operate unchecked.
Did you miss our previous article...
https://trendinginthenews.com/crypto-currency/grayscale-gbtc-discount-narrows-as-bitcoin-etf-approval-looms