New EtherHiding Method Bypasses Blockchain Security Protocols

Key Points:

  • Cybercriminals are using a new "EtherHiding" technique to hide malware in BNB Smart Chain (BSC) smart contracts.
  • The method involves compromising WordPress websites to retrieve malicious payloads from smart contracts.
  • Guardio Labs calls for adaptive cybersecurity measures.

A recent cybersecurity report reveals a novel technique where cybercriminals exploit BNB Smart Chain smart contracts to camouflage and disseminate malware. Dubbed "EtherHiding," this new method raises concerns about the vulnerability of blockchain-based systems.

Guardio Labs, a cybersecurity research firm, detailed the workings of EtherHiding in an October 15th report. The technique involves compromising websites built on WordPress, which powers approximately 43% of all existing websites.

Cybercriminals inject code into these websites to extract partial payloads from BSC smart contracts, effectively turning these contracts into anonymous hosting platforms for malicious content.

Nati Tal, head of cybersecurity at Guardio Labs, and researcher Oleg Zaytsev pointed out the tough challenge this poses for mitigation.

According to them, the attackers can easily alter the attack methods and code in real time. One of the most recent adaptations of this strategy involves fake browser updates, where victims are lured to fraudulent landing pages. These fake updates contain JavaScript that fetches supplementary code from the attacker's domains, eventually leading to full site destruction and malware distribution.

The autonomous nature of the compromised smart contracts adds another layer of complexity. Once these contracts are live on BSC, Binance has limited options and must rely on its developer community to identify and flag any malicious code.

Guardio Labs emphasizes the need for WordPress website owners to enhance their security measures, as their platforms can serve as initial entry points for these types of threats.
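
One way a site owner could check rendered pages for the kind of injected script described above, as an added example that is not from Guardio Labs' report or this article: it flags scripts that combine a BSC contract read with dynamic code execution. The indicator patterns (public `bsc-dataseed` RPC hostnames, the `eth_call` JSON-RPC method, 40-hex-digit addresses) and the sample page are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Assumed heuristics (not indicators from the article): public BSC JSON-RPC
# hosts, the read-only eth_call method, contract addresses, dynamic execution.
INDICATORS = {
    "bsc_rpc_host": re.compile(r"bsc-dataseed\d*\.[\w.-]+", re.I),
    "contract_read": re.compile(r"\beth_call\b"),
    "contract_addr": re.compile(r"\b0x[0-9a-fA-F]{40}\b"),
    "dynamic_exec": re.compile(r"\beval\s*\(|\bnew\s+Function\s*\(|\batob\s*\("),
}
CHAIN = {"bsc_rpc_host", "contract_read", "contract_addr"}

class ScriptCollector(HTMLParser):
    """Collect each <script> element's src attribute plus inline body."""
    def __init__(self):
        super().__init__()
        self.scripts, self._buf = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._buf = [(dict(attrs).get("src") or "") + "\n"]
    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            self.scripts.append("".join(self._buf))
            self._buf = None

def scan_html(html):
    """Return (script_index, hits, verdict) for each script with any hit."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for i, body in enumerate(collector.scripts):
        hits = sorted(n for n, rx in INDICATORS.items() if rx.search(body))
        # Chain read + dynamic execution earns an alert; either alone is only queued for review.
        verdict = "suspicious" if CHAIN & set(hits) and "dynamic_exec" in hits else "review"
        if hits:
            findings.append((i, hits, verdict))
    return findings

SAMPLE = (  # constructed page: two benign scripts, one widget, one inert injected-style script
    '<script src="/wp-includes/js/jquery/jquery.min.js"></script>'
    '<script>window.dataLayer = window.dataLayer || [];</script>'
    '<script>const rpc = "https://bsc-dataseed1.binance.org";</script>'
    '<script>var h="bsc-dataseed1.binance.org", m="eth_call", t="0x' + "0" * 40 + '"; eval(atob(""));</script>'
)

if __name__ == "__main__":
    print(scan_html(SAMPLE))
```

A "review" verdict is expected on legitimate Web3 widgets, so the scan is most useful when compared against a known-good copy of the site's theme and plugin files.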

In their conclusion, the researchers from Guardio Labs warned that the capabilities of Web3 and blockchain technology could potentially enable harmful campaigns to operate without detection:

Adaptive defenses are needed to counter these emerging threats.

The discovery of the EtherHiding technique marks a significant evolution in cybercrime tactics using blockchain technology to spread malware. The issue poses a risk for WordPress website owners and presents a broader challenge to blockchain security measures.

Aaron S., Editor-In-Chief