According to what was presented in an October 15 report by Guardio Labs, a threat that was completely unknown until recently is spreading online. Some hackers, in fact, have devised a mechanism to exploit transactions made via blockchain to spread malicious code.
The particular attack technique, known as EtherHidinginvolves the infiltration of some websites WordPress. Code is inserted on them which influences the blockchain contracts, subsequently distributing the malicious data within BSC contracts. The latter effectively function as clandestine and anonymous “hosting platforms”, ideal for spreading malicious code.
What makes this attack particularly insidious is its adaptability. Hackers have the ability to modify code and change attack methods at their discretion.
WordPress, Blockchain and malware: the new threat worrying security experts
EtherHiding’s “flexibility” allows cybercriminals to alter the attack chain with each new blockchain transaction, making efforts by experts to mitigate risks difficult.
Nati Talhead of cybersecurity at Guardio Labs, and fellow security researcher Oleg Zaytsev pointed out that since WordPress sites “They are so vulnerable and often compromised“, serve as a sort of “primary gateway” for these types of threats to affect significant numbers of people.
All this must be considered by virtue of the fact that WordPress is about the 43% of all the websites online today. Despite this diffusion, however, the well-known CMS also remains one of the most vulnerable platforms in the cybersecurity context.
Once deployed, these compromised smart contracts operate autonomously, leaving a Binance little recourse other than to rely on your developer community to report malicious code within contracts when it is detected. A threat that, without a shadow of a doubt, will represent one of the biggest cybersecurity challenges in the coming months.