Fun

News Feed - 2023-10-16 02:10:00

Martin Young3 hours agoEtherHiding: Hackers create novel way to hide malicious code in blockchainsThreat actors have worked out a way to hide malicious payloads in Binance smart contracts to lure victims into updating their browsers from fake prompts, according to cybersecurity researchers.2068 Total views19 Total sharesListen to article 0:00NewsJoin us on social networksCybercriminals have discovered a new way to spread malware to unsuspecting users, this time by manipulating BNB Smart Chain (BSC) smart contracts to hide malware and disseminate malicious code.


A breakdown of the technique known as “EtherHiding” was shared by security researchers at Guardio Labs in an Oct. 15 report, explaining that the attack involves compromising WordPress websites by injecting code that retrieves partial payloads from the blockchain contracts.


The attackers hide the payloads in BSC smart contracts, essentially serving as anonymous free hosting platforms for them.Guardio Labs exposes "EtherHiding" - a new threat hiding in Binance"s Smart Chain, a technique that evades detection, targeting compromised WordPress sites. Read about this game-changing method! @BNBCHAIN #BNBChain #CyberSecurity https://t.co/alNI5KqKUO— Guardio (@GuardioSecurity) October 15, 2023


The hackers can update the code and change the attack methods at will. The most recent attacks have come in the form of fake browser updates, where victims are prompted to update their browsers using a fake landing page and link.


The payload contains JavaScript that fetches additional code from the attacker’s domains. This eventually leads to full site defacement with fake browser update notices that distribute malware.


This approach allows the threat actors to modify the attack chain by simply swapping out malicious code with each new blockchain transaction. This makes it challenging to mitigate, according to Nati Tal, head of cybersecurity at Guardio Labs, and fellow security researcher Oleg Zaytsev.


Once the infected smart contracts are deployed, they operate autonomously. All Binance can do is rely on its developer community to flag malicious code in contracts upon discovery.Contract address flagged for scam activity. Source: Guard.io


Guardio stated that website owners using WordPress, which runs roughly 43% of all websites, need to be extra vigilant with their own security practices before adding:“WordPress sites are so vulnerable and frequently compromised, as they serve as primary gateways for these threats to reach a vast pool of victims.”


Related:Crypto investors under attack by new malware, reveals Cisco Talos


The firm concluded that Web3 and blockchain bring new possibilities for malicious campaigns to operate unchecked. “Adaptive defenses are needed to counter these emerging threats,” it said.


Collect this article as an NFTto preserve this moment in history and show your support for independent journalism in the crypto space.


Magazine:Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis# Blockchain# Smart Contracts# Malware# Hackers# Scams# BSCAdd reactionAdd reactionRead moreHow to earn passive income with peer-to-peer lendingMeet the guerilla artist who staged a crypto ‘rug pull’ in front of the SECHow to build a DApp on Ethereum

News Feed

Crypto Bulls Roadshow Coming to Over 15 Indian Cities — With Government Participation
Crypto Bulls Roadshow Coming to Over 15 Indian Cities — With Government Participation India’s Crypto Bulls Roadshow, a nonprofit initiative to prepare India for the next
Pancakeswap Launches Version 3 of Protocol on BNB and Ethereum Blockchains
Pancakeswap Launches Version 3 of Protocol on BNB and Ethereum Blockchains On Monday, April 3, the decentralized exchange (dex) platform Pancakeswap launched version 3 of its proto
$20M exploit cripples Sonne Finance, hacker in no mood for negotiation
Arijit Sarkar1 hour ago$20M exploit cripples Sonne Finance, hacker in no mood for negotiationSonne Finance halted operations after a hack drained $20 million in cryptocurrencies, including WETH and USDC. Efforts to recov
Alice Ivey8 hours ago5 talent marketplaces to hire developersDiscover the top talent marketplaces for hiring skilled developers for your projects.396 Total viewsListen to article 0:00OverviewJoin us on social networksBus
Position Exchange: Crypto Bonds Powered by Smart Contracts
Position Exchange: Crypto Bonds Powered by Smart Contracts press release PRESS RELEASE.Position Exchangeis pleased to announce the release of its Bonds feature. Dive deeper into thi
Ezra Reguerra5 hours agoBored Ape floor price falls below 30 ETH: Nifty Newsletter, July 5–11A decentralized finance borrower used a nonfungible token representing a luxury watch to take out a $35,000 loan.1013 Total v
Xbox Boss Phil Spencer Calls Today’s Metaverse a ‘Poorly Built Video Game’
Xbox Boss Phil Spencer Calls Today"s Metaverse a "Poorly Built Video Game" Phil Spencer, CEO of gaming at Microsoft and head of Xbox, directed some criticism at the idea of the met
Bitcoin Price In Trouble? Bearish Divergence That Led To Market Crash Last Cycle Returns
Este artículo también está disponible en español. Crypto analyst Kevin Capitalhas suggested that the Bitcoin price may be in trouble. This follows his revelation that a b
Accused Onecoin Co-Conspirators Fight Criminal Charges in the US
Accused Onecoin Co-Conspirators Fight Criminal Charges in the US The Onecoin scam, a multi-level Ponzi scheme that acquired $4 billion from investors has been falling apart at th
Price analysis 6/19: BTC, ETH, BNB, SOL, XRP, DOGE, TON, ADA, SHIB, AVAX
Rakesh Upadhyay7 hours agoPrice analysis 6/19: BTC, ETH, BNB, SOL, XRP, DOGE, TON, ADA, SHIB, AVAXBitcoin is struggling to bounce off $64,500, increasing the possibility of a deeper correction to $60,000.3850 Total views
Marco Castrovilli5 hours agoBitcoin rally will lead to "speculative blow-off top” in 2024, Mark Yusko predictsBlackRock"s application for a spot Bitcoin ETF has kicked off the next Bitcoin bull run, which will cul
Ethereum Weekly Volume Hits $60 Billion As ETH Aims For Yearly Highs
Este artículo también está disponible en español. Ethereum has staged an impressive 35% rally since last Tuesday, marking a bullish breakout as it tests crucial supply le