EtherHiding: A New Chapter In Cybersecurity Concerns

Security experts have identified a new technique that manipulates blockchain contracts to disseminate malware through counterfeit browser updates.

A new malware attack uses BSC, and targets WordPress sites.

A new type of cyberattack has emerged that exploits properties of Binance Smart Chain. The new method, called "EtherHiding," doesn't just disseminate malware; it hides it within smart contracts on the blockchain. The technique is so sophisticated it has left cybersecurity professionals stumped. Bizarrely, WordPress website owners are the ones who should be most concerned.

The Mechanics Of The EtherHiding Attack

In this new wave of cyberattacks, hackers compromise WordPress sites and then trigger fake browser update prompts to lure in victims. These prompts contain hidden JavaScript that fetches additional malware, disguised in blockchain transactions. The digital miscreants can alter this code dynamically, which makes defending against it incredibly challenging.

The Limitations Of Current Defense Mechanisms

What's most unsettling is that once these malicious smart contracts are live on the blockchain, they're essentially autonomous. The onus then falls on the Binance developer community to identify and flag the rogue contracts. This has led experts to call for a rethink of current security measures, especially given how prevalent WordPress is as a platform.

Contract address flagged for scam activity (Image:
Contract address flagged for scam activity (Image:

A Warning For WordPress Users

Since WordPress is the platform of choice for a significant portion of websites, its vulnerability in this new form of attack is concerning. The underlying issue is that the blockchain, with all its promise and potential, also offers new avenues for cybercrime that are less understood and harder to guard against.

In conclusion, EtherHiding represents an evolutionary step in the capabilities of cybercriminals. As we move deeper into the Web3 era, it's clear that traditional defense mechanisms may no longer be enough. A proactive and adaptable cybersecurity strategy is essential in this new landscape.

Subscribe to our newsletter and follow us on Twitter.

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to REX Wire.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.