Jakarta, CNBC Indonesia – Binance was attacked by "god-class" hackers who are difficult to fight. A TechRadar report described the attack as high level, or "next level".
According to reports, the hackers hosted malicious code on Binance's blockchain system, called 'Binance Smart Chain'. The malicious code is then distributed to people via smart contracts.
This tactic makes malware much more resilient and harder to eradicate. Researchers from Guardio Labs were the first to identify this attack. The team calls this attack high-level ‘bulletproof’ hosting.
Binance is one of the most popular cryptocurrency exchanges in the world. The company’s Binance Smart Chain blockchain system is essentially a competitor to Ethereum.
Binance Smart Chain is a global computer that can be used to create and host decentralized applications (dApps).
The system has lower fees and faster transaction times than Ethereum. Smart contracts, meanwhile, are programs that are stored on the blockchain and executed when certain conditions are met.
Hacker’s Method of Breaking into the Binance System
First, the hackers, in a campaign nicknamed EtherHiding, found a vulnerable WordPress site. Such a site may have passwords that are easy to guess, or add-ons that are flawed or outdated. As a result, access can be compromised.
Then, they created an overlay on the website, warning visitors that their browser was out of date and a patch was needed to view the content on the site.
They also added obfuscated JavaScript code. If the victim clicks the download button, the script will run, create a smart contract, and retrieve the malicious script hosted on the blockchain.
“This is what we saw in this attack, malicious code was hosted and served in a way that could not be blocked,” explained the researchers, as quoted by TechRadar, Tuesday (17/10/2023).
This differs from the previous variant, which was hosted on the Cloudflare Workers service and was mitigated. The researchers even call it a double-edged sword of decentralized technology.
Ultimately, the victim will install an infostealer on their endpoint, be it Amadey, Lumma, or RedLine.
Unfortunately, there is little that can be done, other than simply flagging addresses and associated Binance Smart Chain contracts as malicious and used in phishing campaigns.
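The flagging approach described above can be applied to web-proxy logs, shown here as an added example that is not from the article or from Guardio Labs. It assumes the proxy can see request bodies and that the retrieval from the blockchain appears as a standard JSON-RPC `eth_call`; the flagged address and the sample records are constructed placeholders.

```python
import json

# Constructed placeholder: contract addresses a defender has flagged as malicious.
FLAGGED_CONTRACTS = {"0x" + "ab" * 20}

def called_contracts(body):
    """Return lower-cased contract addresses targeted by eth_call in a JSON-RPC body."""
    try:
        payload = json.loads(body)
    except json.JSONDecodeError:
        return []
    # A JSON-RPC body is either a single request object or a batch (list).
    calls = payload if isinstance(payload, list) else [payload]
    found = []
    for call in calls:
        if not isinstance(call, dict) or call.get("method") != "eth_call":
            continue
        params = call.get("params")
        if not (isinstance(params, list) and params and isinstance(params[0], dict)):
            continue
        to = params[0].get("to")
        # Addresses are 20 bytes: "0x" plus 40 hex characters, case-insensitive.
        if isinstance(to, str) and len(to) == 42 and to.lower().startswith("0x"):
            found.append(to.lower())
    return found

def flag_requests(records, flagged=FLAGGED_CONTRACTS):
    """records: iterable of (referer, request_body). Returns (referer, contract) hits."""
    flagged = {addr.lower() for addr in flagged}
    hits = []
    for referer, body in records:
        for addr in called_contracts(body):
            if addr in flagged:
                hits.append((referer, addr))
    return hits

# Constructed sample proxy records: (page that issued the request, request body).
SAMPLE = [
    ("https://blog.example/post", json.dumps({"jsonrpc": "2.0", "id": 1,
        "method": "eth_call",
        "params": [{"to": "0x" + "AB" * 20, "data": "0x12345678"}, "latest"]})),
    ("https://wallet.example/", json.dumps([{"jsonrpc": "2.0", "id": 2,
        "method": "eth_call",
        "params": [{"to": "0x" + "cd" * 20, "data": "0x"}, "latest"]}])),
    ("https://news.example/", "not json"),
]

if __name__ == "__main__":
    for referer, addr in flag_requests(SAMPLE):
        print(f"flagged contract {addr} called from page {referer}")
```

The referer in each hit points to the page that triggered the lookup, which is where an injected overlay script would need to be removed.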
(fab/fab)