1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hackers are hiding malicious code in Binance Smart Chain contract

    From TechnologyDaily@1337:1/100 to All on Mon Oct 16 14:45:04 2023
    Hackers are hiding malicious code in Binance Smart Chain contracts

    Date:
    Mon, 16 Oct 2023 14:33:35 +0000

    Description:
    The next level of bulletproof hosting is here, and hijacking the
    decentralized nature of the blockchain.

    FULL STORY ======================================================================

    Hackers have been observed hosting malicious code on Binances Smart Chain and dropping it to people via smart contracts.

    This tactic makes the malware campaign infinitely more resilient and tougher to take down, with the researchers who found it - Guardio Labs - describing
    it as the next level of bulletproof hosting.

    Binance is one of the worlds most popular cryptocurrency exchanges, and has its own blockchain, called the Binance Smart Chain, which is essentially a competitor to Ethereum - a world computer that can be used to create and host decentralized apps (dApps). It also has lower fees and faster transaction times compared to Ethereum (because of, among other things, Ethereum being arguably more popular and more used). Smart contracts are programs stored on the blockchain that run when certain conditions are met. Blockchains and
    smart contracts

    First, the hackers' campaign, dubbed EtherHiding, finds a vulnerable
    WordPress site. It may have an easy-to-guess password or a flawed and
    outdated add-on through which they obtain access. Then, they create an
    overlay on that website, warning the visitors that their browser is outdated and that a patch is necessary in order to view the contents of the site. They also add an obfuscated JavaScript code that creates a smart contract and queries the Binance Smart Chain.

    If the victim clicks on the download button, the script runs, creates the smart contract and fetches a malicious script hosted on the blockchain.

    This is what we see here in this attack malicious code is hosted and served in a manner that cant be blocked, the researchers explain. Unlike hosting it on a Cloudflare Worker service as was mitigated on the earlier variant.
    Truly, it is a double-edged sword in decentralized tech.

    Ultimately, the victims will install an infostealer on their endpoints , be
    it Amadey, Lumma, or RedLine.

    Unfortunately, theres very little anyone can do about it, other than just
    flag the associated Binance Smart Chain addresses and contracts as malicious and used in a phishing campaign. More from TechRadar Pro Security professionals are being overworked - and that's a huge problem Here's a list of the best firewalls today These are the best identity theft protection
    tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/hackers-are-hiding-malicious-code-in-bi nance-smart-chain-contracts


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)