Hacking teams—at the very least one in every of which works on behalf of the North Korean authorities—have discovered a brand new and cheap method to distribute malware from “bulletproof” hosts: stashing them on public cryptocurrency blockchains.
In a Thursday put up, members of the Google Risk Intelligence Group mentioned the approach offers the hackers with their very own “bulletproof” host, a time period that describes cloud platforms which can be largely immune from takedowns by legislation enforcement and strain from safety researchers. Extra historically, these hosts are positioned in nations with out treaties agreeing to implement legal legal guidelines from the US and different nations. These companies typically cost hefty sums and cater to criminals spreading malware or peddling baby sexual abuse materials and wares offered in crime-based flea markets.
Subsequent-gen, DIY internet hosting that may’t be tampered with
Since February, Google researchers have noticed two teams turning to a more recent approach to contaminate targets with credential stealers and different types of malware. The strategy, often known as EtherHiding, embeds the malware in sensible contracts, that are primarily apps that reside on blockchains for Ethereum and different cryptocurrencies. Two or extra events then enter into an settlement spelled out within the contract. When sure circumstances are met, the apps implement the contract phrases in a means that, at the very least theoretically, is immutable and unbiased of any central authority.
