According to cybersecurity researchers, threat actors have devised a method to conceal malware payloads in Binance smart contracts in order to trick victims into updating their browsers in response to bogus notifications. Cybercriminals have identified a new method of spreading malware to unwary users, this time by using BNB Smart Chain (BSC) smart contracts to conceal malware and distribute harmful code.
Security experts at Guardio Labs released a summary of the “EtherHiding” technique in an Oct. 15 article, stating that the attack involves infecting WordPress websites by injecting code that gets partial payloads from blockchain contracts. The attackers conceal the payloads in BSC smart contracts, which operate as anonymous free hosting sites.
Once infected smart contracts are deployed, they work on their own. Binance can only rely on its developer community to detect harmful code in contracts.”WordPress sites are so vulnerable and frequently compromised, as they serve as primary gateways for these threats to reach a vast pool of victims,” Guardio said, adding, “WordPress sites are so vulnerable and frequently compromised, as they serve as primary gateways for these threats to reach a vast pool of victims.” According to the business, Web3 and blockchain open up new avenues for hostile activities to run undetected. “Adaptive defences are needed to counter these emerging threats,” according to the report.