Fun

News Feed - 2023-10-16 02:10:00

Martin Young3 hours agoEtherHiding: Hackers create novel way to hide malicious code in blockchainsThreat actors have worked out a way to hide malicious payloads in Binance smart contracts to lure victims into updating their browsers from fake prompts, according to cybersecurity researchers.2068 Total views19 Total sharesListen to article 0:00NewsJoin us on social networksCybercriminals have discovered a new way to spread malware to unsuspecting users, this time by manipulating BNB Smart Chain (BSC) smart contracts to hide malware and disseminate malicious code.


A breakdown of the technique known as “EtherHiding” was shared by security researchers at Guardio Labs in an Oct. 15 report, explaining that the attack involves compromising WordPress websites by injecting code that retrieves partial payloads from the blockchain contracts.


The attackers hide the payloads in BSC smart contracts, essentially serving as anonymous free hosting platforms for them.Guardio Labs exposes "EtherHiding" - a new threat hiding in Binance"s Smart Chain, a technique that evades detection, targeting compromised WordPress sites. Read about this game-changing method! @BNBCHAIN #BNBChain #CyberSecurity https://t.co/alNI5KqKUO— Guardio (@GuardioSecurity) October 15, 2023


The hackers can update the code and change the attack methods at will. The most recent attacks have come in the form of fake browser updates, where victims are prompted to update their browsers using a fake landing page and link.


The payload contains JavaScript that fetches additional code from the attacker’s domains. This eventually leads to full site defacement with fake browser update notices that distribute malware.


This approach allows the threat actors to modify the attack chain by simply swapping out malicious code with each new blockchain transaction. This makes it challenging to mitigate, according to Nati Tal, head of cybersecurity at Guardio Labs, and fellow security researcher Oleg Zaytsev.


Once the infected smart contracts are deployed, they operate autonomously. All Binance can do is rely on its developer community to flag malicious code in contracts upon discovery.Contract address flagged for scam activity. Source: Guard.io


Guardio stated that website owners using WordPress, which runs roughly 43% of all websites, need to be extra vigilant with their own security practices before adding:“WordPress sites are so vulnerable and frequently compromised, as they serve as primary gateways for these threats to reach a vast pool of victims.”


Related:Crypto investors under attack by new malware, reveals Cisco Talos


The firm concluded that Web3 and blockchain bring new possibilities for malicious campaigns to operate unchecked. “Adaptive defenses are needed to counter these emerging threats,” it said.


Collect this article as an NFTto preserve this moment in history and show your support for independent journalism in the crypto space.


Magazine:Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis# Blockchain# Smart Contracts# Malware# Hackers# Scams# BSCAdd reactionAdd reactionRead moreHow to earn passive income with peer-to-peer lendingMeet the guerilla artist who staged a crypto ‘rug pull’ in front of the SECHow to build a DApp on Ethereum

News Feed

65% of Global Bitcoin Hashrate Concentrated in China
65% of Global Bitcoin Hashrate Concentrated in ChinaA new bitcoin mining map by the University of Cambridge shows that China accounts for 65% of the world’s hash power. About
Kadena Launches $100 Million Grant Fund to Develop Web3 Experiences
Kadena Launches $100 Million Grant Fund to Develop Web3 Experiences Kadena, a proof-of-work-based cryptocurrency that also has the possibility of supporting smart contracts, has an
Chainalysis sets up regional HQ in Dubai amid local crypto boom
Savannah Fortis10 hours agoChainalysis sets up regional HQ in Dubai amid local crypto boomChainalysis relocates its regional headquarters to Dubai, reflecting the UAE’s progressive stance toward blockchain technology.6
A Model for the Next Generation DEX, TitanSwap Will Be a Dex With Better User Experience
A Model for the Next Generation DEX, TitanSwap Will Be a Dex With Better User ExperienceTitanSwap is using the renBTC protocol to implement cross-chain operations. Compared with the
Russia’s Anti-Monopoly Agency Proposes Higher Electricity Rates for Home Crypto Miners
Russia’s Anti-Monopoly Agency Proposes Higher Electricity Rates for Home Crypto Miners The anti-monopoly service of Russia has suggested that Russians minting digital currencies
Gary Gensler will likely resign in 2025 after Biden exit — 10x Research
Tom Mitchelhill3 hours agoGary Gensler will likely resign in 2025 after Biden exit — 10x ResearchA Trump presidency will spell disaster for Gensler and his role as head of the SEC, according to 10x Research founder Mar
Miami Mayor: China’s Crypto Crackdown ‘Creates Incredible Opportunity for America’ in Bitcoin Mining
Miami Mayor: China’s Crypto Crackdown "Creates Incredible Opportunity for America" in Bitcoin Mining The mayor of Miami, Florida, sees China’s cryptocurrency crackdown as
Microstrategy CEO Discusses Bitcoin Becoming $100 Trillion Asset Class — Says BTC Will Grow 100X
Microstrategy CEO Discusses Bitcoin Becoming $100 Trillion Asset Class — Says BTC Will Grow 100X The CEO of Microstrategy says that bitcoin will emerge as a $100 trillion asset c
Analyst Predicts Big Drop For Bitcoin Price As Bearish Pressures Mount After $111,000 ATH
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
Ethereum’s Value Transfer Is Now Dominated by Stablecoins
Ethereum’s Value Transfer Is Now Dominated by Stablecoins The Ethereum (ETH) blockchain has become home to a number of stablecoins. On January 29, Messari researcher Ryan Watki
Marathon Digital buys $249M Bitcoin, reserves reach 25K BTC
Jesse Coghlan7 hours agoMarathon Digital buys $249M Bitcoin, reserves reach 25K BTCMarathon’s latest 4,144 Bitcoin buy comes after boss Fred Thiel said the company was adopting a “hodl strategy” for the cryptocurre
Ava Labs Partners With Amazon Web Services to Accelerate Blockchain Adoption, AVAX Jumps 16%
Ava Labs Partners With Amazon Web Services to Accelerate Blockchain Adoption, AVAX Jumps 16% Ava Labs, the team behind the layer one (L1) smart contract platform network Avalanche,