The Rise of EtherHiding
Cybercriminals are getting more creative, and if you thought malware couldn’t get any sneakier, think again! Attackers are leveraging a technique called EtherHiding, as uncovered by the vigilant folks at Guardio Labs. This method involves manipulating Binance’s BNB Smart Chain (BSC) smart contracts to clandestinely distribute malicious code. Spoiler alert: It’s not as harmless as it sounds!
How EtherHiding Works
The villainous deed starts by compromising unsuspecting WordPress websites. Here, hackers inject clever code that retrieves partial malware payloads directly from BSC contracts. Think of these smart contracts as sneaky hosts, hidden in a digital attic, waiting to pounce on unsuspecting visitors.
- Step 1: Hackers breach a WordPress site.
- Step 2: Malicious code is implanted.
- Step 3: Victims encounter fake browser update notices.
- Step 4: JavaScript payload is unleashed and malware is distributed.
And just like that, the bad guys are in the house, and your device is under siege!
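For defenders, the injected loader in the page is the part that can be hunted for. The sketch below is an added example, not code from this article or from Guardio Labs: it flags inline scripts that both talk to a blockchain JSON-RPC interface and execute decoded strings. The marker patterns, function names and sample pages are assumptions constructed for illustration.

```javascript
// Added example. The markers are heuristics chosen for illustration,
// not indicators published in the article.
const CHAIN_MARKERS = [
  /bsc-dataseed\d*\.[a-z0-9.-]+/i,               // public BSC JSON-RPC hostnames
  /\beth_call\b/,                                // read-only contract call over JSON-RPC
  /\bnew\s+Web3\s*\(|\bJsonRpcProvider\s*\(/,    // web3.js / ethers.js provider setup
];
const EXEC_MARKERS = [
  /\beval\s*\(/,            // direct evaluation of a string
  /\bnew\s+Function\s*\(/,  // function built from a string
  /\batob\s*\(/,            // base64 decode, common just before evaluation
];

// Return the non-empty inline <script> bodies with their offset in the page.
function inlineScripts(html) {
  const out = [];
  const re = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    if (m[1].trim()) out.push({ offset: m.index, body: m[1] });
  }
  return out;
}

// Flag a script only when chain access and dynamic execution occur together:
// a wallet page has the first, plenty of benign scripts have the second.
function scanHtml(html) {
  const findings = [];
  for (const s of inlineScripts(html)) {
    const chain = CHAIN_MARKERS.filter((r) => r.test(s.body)).map(String);
    const exec = EXEC_MARKERS.filter((r) => r.test(s.body)).map(String);
    if (chain.length && exec.length) findings.push({ offset: s.offset, chain, exec });
  }
  return findings;
}

// Constructed samples (not captured from a real site, deliberately non-functional).
const SAMPLE_INJECTED = `<html><head><script>
const rpc = "https://bsc-dataseed1.binance.org/";
const req = { method: "eth_call", params: ["PLACEHOLDER"] };
/* response handling elided */ eval(atob(response));
</script></head></html>`;
const SAMPLE_DAPP = `<script>const p = new Web3("https://bsc-dataseed.binance.org/"); showBalance(p);</script>`;
const SAMPLE_PLAIN = `<script>document.title = atob("SGk=");</script>`;

console.log(JSON.stringify(scanHtml(SAMPLE_INJECTED), null, 2));
```

A hit is a reason to diff the served page against a known-good copy of the theme and plugin files, not proof of compromise on its own.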
Why It’s Hard to Detect
One major advantage of this technique for attackers is that it lets them update and alter their attack methods at a moment’s notice. Because the payload is served from smart contracts, new code can be swapped in with each new blockchain transaction.
As Nati Tal from Guardio Labs aptly puts it,