Close
Why Hackers Prefer Binance’s BNB Smart Chain? In 0xScope and CertiK, threat actors may prefer to use BNB smart chain contracts, cyber security analysts said. Because it is cheaper and has lower security than Ethereum. To receive news and new articles about digital currency exchanges, stay with Pooyan Music site.
Despite its name, EtherHiding, a new attack vector that hides malicious code in blockchain smart contracts has nothing to do with Ethereum, cybersecurity analysts have revealed.
EtherHiding was discovered as a new way for bad actors to hide malicious payloads in smart contracts, with the ultimate goal of distributing malware to unsuspecting victims.
Much of this is due to the lower costs of the BNB smart chain, said Joe Green, security researcher at blockchain security firm CertiK. The management fee of BSC is much cheaper than ETH, but the stability and speed of the network are the same.
EtherHiding attacks are initiated by hackers who compromise WordPress websites. They also inject code that pulls partial payloads buried in Binance smart contracts. The front end of the website is replaced with a fake update browser request that, when clicked, pulls the javascript load from the Binance blockchain.
Actors modify malware payloads and update website domains to avoid detection. This allows them to continuously deliver new malware downloads to users as browser updates, Green explained.
Another reason could be due to the increase of security-related investigations on Ethereum, said security researchers of the Web3 analysis company 0xScope.
Although it is unlikely that we will know the true motivations of the EtherHiding hacker for using the BNB smart chain over other blockchains for their project, one possible factor is the increased security-related scrutiny on Ethereum.
Hackers may face greater risks of detection by injecting their malicious code using Ethereum due to systems such as Infura’s IP address tracking for MetaMask transactions, they said.
The 0xScope team said they recently traced the flow of money between the hackers’ addresses on BNB Smart Chain and Ethereum. The report stated that the key addresses were linked to OpenSea users of the NFT market and copper custody services.
What is a smart contract? Basically, a smart contract is a decentralized method of verification or agreement. Parties can create a smart contract on a blockchain that requires a certain number of digital signatures before an action or payment can be made, thus eliminating third-party intervention. Institutions can tailor smart contracts to specific parameters and requirements. Nick Szabo is the father of smart contracts who started this concept in the 1990s.
When it comes to a smart contract, Ethereum is often one of the main blockchains. From smart contract examples and pay-to-play use cases to supply chain, voting, and more. Different smart contract programming languages can be applied, depending on the use case.
malware
Malicious software or malware is software that is created to harm a computer or network. Malware operates from within the target system and must be planted before the program can be executed.
Trojan malware is one of the most popular malicious tools that are usually executed by the unknowing user himself. A Trojan can offer hackers the opportunity to access a user’s private information, install some mining malware or encryption malware without the target knowing about it.
Malware can be used for various purposes such as damaging system maintenance or accessing trade secrets or secret government information. Bitcoin-stealing malware and other cryptocurrency-targeted programs are also widely used alongside malware to steal fiat money. The problem of malware is becoming more of a concern for businesses and users with the increasing pace of information technology implementation in everyday life.
