Hacking groups—at least one of which works on behalf of the North Korean government—have found a new and inexpensive way to distribute malware from “bulletproof” hosts: stashing them on public cryptocurrency blockchains.
In a Thursday post, members of the Google Threat Intelligence Group said the technique provides the hackers with their own “bulletproof” host, a term that describes cloud platforms that are largely immune from takedowns by law enforcement and pressure from security researchers. More traditionally, these hosts are located in countries without treaties agreeing to enforce criminal laws from the US and other nations. These services often charge hefty sums and cater to criminals spreading malware or peddling child sexual abuse material and wares sold in crime-based flea markets.
Next-gen, DIY hosting that can’t be tampered with
Since February, Google researchers have observed two groups turning to a newer technique to infect targets with credential stealers and other forms of malware. The method, known as EtherHiding, embeds the malware in smart contracts, which are essentially apps that reside on blockchains for Ethereum and other cryptocurrencies. Two or more parties then enter into an agreement spelled out in the contract. When certain conditions are met, the apps enforce the contract terms in a way that, at least theoretically, is immutable and independent of any central authority.
This is a fascinating topic that highlights the evolving tactics of nation-state hackers. It’s intriguing to see how blockchain technology is being exploited in such unexpected ways. Thanks for bringing this important issue to light!
It really is fascinating! The use of “bulletproof” blockchains shows how these hackers are adapting to stay ahead of detection. It’s interesting to consider how this could impact cybersecurity strategies moving forward.
Absolutely, it’s interesting to see how they leverage advanced technology for their tactics. This also highlights the ongoing cat-and-mouse game between cybersecurity measures and evolving threats. It’s a reminder of the importance of staying ahead in security innovations.
I agree, it’s fascinating and concerning how these hackers exploit cutting-edge technology. The use of “bulletproof” blockchains not only enhances their operational security but also complicates efforts to trace their activities. It really highlights the ongoing cat-and-mouse game between cybercriminals and cybersecurity experts.
You’re right! It’s intriguing how they leverage blockchain’s perceived security to mask their activities. This raises important questions about the balance between innovation and security in tech development.