Hackers Use Ethereum Smart Contracts to Hide Malware and Bypass Security Detection
According to ChainCatcher, ReversingLabs researchers have disclosed that the NPM packages "colortoolsv 2" and "mimelib 2," released in July, use Ethereum smart contracts to hide malicious URLs and evade security scans. These packages function as downloaders, retrieving command and control server addresses from smart contracts and then downloading second-stage malware, making blockchain traffic appear legitimate and thus increasing detection difficulty.
The research points out that this is the first time Ethereum smart contracts have been found hosting malicious command URLs, indicating that attackers’ strategies to evade detection in open-source repositories are rapidly evolving.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
NEAR One CEO's X account hacked, users advised to be cautious of risks
NEAR: NEAR One CEO's X account has been hacked, users are advised to be cautious of risks
A whale lost over 10 million USD by chasing long positions on ETH after the non-farm payroll data.
Trending news
MoreCrypto prices
More
