A new malware campaign called ClearFake is utilizing Binance's Smart Chain contracts to distribute malicious code. The attackers exploit compromised WordPress sites to inject concealed JavaScript code that retrieves a second-stage payload from Binance-controlled servers. The malware can modify the infection process remotely, making it difficult to detect and take down. The malicious code is hosted on the blockchain, making it decentralized and impervious to traditional shutdown methods. The use of smart contracts on platforms like BSC presents new challenges in fighting malicious campaigns. It is crucial to keep WordPress sites and plugins updated to mitigate these threats.
Table of contents
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart ContractsThe Evolving Fake Browser Update CampaignNo Crptoscams Here, So Why Binance ?Smart Contracts? Code on the BlockChain?The Malicious Smart Contract — AnalyzedDeploying Malicious Code From The BlockChain (For Free!)Fighting Back? Is It Even Possible?“EtherHiding”- Even More Threatning PossibilitiesIOCsSort: