
Oct 20, 2023

‘Etherhiding’ Blockchain Technique Hides Malware in WordPress Sites

Posted in categories: blockchains, cryptocurrencies, cybercrime/malcode

‘Etherhiding’ Blockchain Technique Hides Malicious Code in WordPress Sites: https://informatech.co/3S3tw


A threat actor has been abusing proprietary blockchain technology to hide malicious code in a campaign that uses fake browser updates to spread various malware, including the infostealers RedLine, Amadey, and Lumma.

While abuse of blockchain is typically seen in attacks aimed at stealing cryptocurrency — as the security technology is best known for protecting these transactions — EtherHiding demonstrates how attackers can leverage it for other types of malicious activity.

Researchers from Guardio have been tracking a campaign dubbed ClearFake over the last two months in which users are misled into downloading malicious fake browser updates from at least 30 hijacked WordPress sites.
