{"id":174422,"date":"2023-10-20T00:25:48","date_gmt":"2023-10-20T05:25:48","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/10\/etherhiding-blockchain-technique-hides-malware-in-wordpress-sites"},"modified":"2023-10-20T00:25:48","modified_gmt":"2023-10-20T05:25:48","slug":"etherhiding-blockchain-technique-hides-malware-in-wordpress-sites","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/10\/etherhiding-blockchain-technique-hides-malware-in-wordpress-sites","title":{"rendered":"\u2018Etherhiding\u2019 Blockchain Technique Hides Malware in WordPress Sites"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/etherhiding-blockchain-technique-hides-malware-in-wordpress-sites3.jpg\"><\/a><\/p>\n<p>\u2018Etherhiding\u2019 Blockchain Technique Hides Malicious Code in WordPress Sites: <a href=\"https:\/\/informatech.co\/3S3tw\">https:\/\/informatech.co\/3S3tw<\/a><\/p>\n<hr>\n<p>A threat actor has been abusing proprietary <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/private-key-leaks-attackers-empty-crypto-investors-wallets\" target=\"_blank\">blockchain<\/a> technology to hide malicious code in a campaign that uses fake browser updates to spread various malware, including the infostealers <a href=\"https:\/\/www.darkreading.com\/endpoint\/stealer-thugs-behind-redline-vidar-pivot-ransomware\" target=\"_blank\">RedLine<\/a>, <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/supercharged-version-amadey-infostealer-malware-dropper-bypass-av\" target=\"_blank\">Amadey<\/a>, and <a href=\"https:\/\/www.darkreading.com\/cloud\/mgm-caesars-incidents-attackers-luxury-hotels\" target=\"_blank\">Lumma<\/a>.<\/p>\n<p>While abuse of blockchain is typically seen in attacks aimed <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/massive-campaign-targets-macos-users-crypto-wallet-data-theft\" target=\"_blank\">at stealing cryptocurrency<\/a> \u2014 as the 
security technology is best known for protecting these transactions \u2014 EtherHiding demonstrates how attackers can leverage it for other types of malicious activity.<\/p>\n<p>Researchers from Guardio have been tracking a campaign dubbed ClearFake over the last two months in which users are misled into downloading malicious fake browser updates from at least 30 hijacked WordPress sites.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u2018Etherhiding\u2019 Blockchain Technique Hides Malicious Code in WordPress Sites: https:\/\/informatech.co\/3S3tw A threat actor has been abusing proprietary blockchain technology to hide malicious code in a campaign that uses fake browser updates to spread various malware, including the infostealers RedLine, Amadey, and Lumma. While abuse of blockchain is typically seen in attacks aimed at stealing cryptocurrency [\u2026]<\/p>\n","protected":false},"author":662,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3818,1761,34],"tags":[],"class_list":["post-174422","post","type-post","status-publish","format-standard","hentry","category-blockchains","category-cryptocurrencies","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/174422","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/662"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=174422"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/174422\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=174422"}],"wp:term":[{"taxonomy":"category",
"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=174422"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=174422"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}