Cyber fraudsters have discovered a new way to distribute virus software among users.
According to research by Guardio Labs, attackers have begun manipulating BNB Smart Chain (BSC) smart contracts to hide malware and distribute malicious code. Analysts note that the attack involves compromising WordPress websites by injecting code that extracts partial payloads from blockchain contracts.
Attackers hide useful data in BSC smart contracts, essentially serving as anonymous, free hosting platforms for them.
Experts point out that hackers can update codes and change attack methods at their discretion. The most recent attacks have come in fake browser updates, where victims are asked to update their browsers using a phony landing page and link.
As a result, this leads to complete site corruption through fake browser updates that distribute malware.
With this attack, attackers can modify a series of attacks by simply changing the malicious code with each new blockchain transaction. Guardio Labs head of cybersecurity Nati Tal notes that this makes it more difficult to prevent these attacks in the future.
“WordPress sites are so vulnerable and frequently compromised, as they serve as primary gateways for these threats to reach a vast pool of victims.”Guardio Labs report
Once infected smart contracts are deployed, they operate autonomously. Tal explained that all Binance can do is rely on its developer community to flag malicious code in contracts once it is discovered.
At the end of the last quarter, the cryptocurrency market suffered losses of $685 million. Compared to 2022, the number of fraudulent schemes decreased by almost 24%
The cryptocurrency market lost $685 million in three months due to hacker attacks, including scams and rag pulls. This is 59.9% more than in the third quarter of 2022 when attackers stole $428 million.