Cybercriminals have discovered new ways for users to spread malware, by manipulating BSC smart contracts to hide malware and spread malicious code.
Security researchers shared the technique, dubbed "EtherHiding," in an Oct. 15 report, explaining that the attack involves compromising a WordPress site by injecting code that retrieves a partial payload from a blockchain contract.
The attacker hides the payload in BSC, and these contracts basically act as anonymous free escrow platforms. Hackers can update code and change attack methods at will. The latest attacks come in the form of fake browser updates, prompting victims to update their browsers using fake landing pages and links. The payload contains JavaScript to obtain additional code from the attacker's domain name. Ultimately, this results in a completely defaced website, fake browser update notifications, and the distribution of malware. This attack method allows threat actors to modify the attack chain by simply exchanging malicious code with each new blockchain transaction.
Website owners using WordPress need to be extremely vigilant about their security practices, as WordPress accounts for approximately 43% of all websites. (Cointelegraph)
Kikyo