朝鲜黑客利用连锁链将恶意软件隐藏在智能合同中, North Korean hackers use blockchain to hide malware in smart contracts, evading detection and targeting developers via fake job posts.

包括UNC5342集团在内的朝鲜相关黑客正在利用连锁技术通过EtherHideing和BNB智能链的智能合同秘密托管和传播恶意软件,这种方法被称为EtherHiding。 North Korean-linked hackers, including group UNC5342, are using blockchain technology to secretly host and distribute malware via smart contracts on Ethereum and BNB Smart Chain, a method known as EtherHiding. 攻击者通过在分散、不可改变的合同中嵌入恶意代码,逃避收购,并通过以开发商为对象的虚假工作布局提供恶意软件。 By embedding malicious code in decentralized, immutable contracts, attackers evade takedowns and deliver malware through fake job postings targeting developers. 该技术允许远程更新,不留下日志,能够持续存取,并已与恶意软件如JadeSnow和InvisibleFerret相联系。 The technique, which allows remote updates and leaves no logs, enables persistent access and has been linked to malware like JadeSnow and InvisibleFerret. Google和Cisco研究人员观察到,使用这一方法开展了协调一致的运动,突显了国家行为者利用新兴技术进行隐形、耐受力强的网络攻击的日益增长的趋势。 Google and Cisco researchers observed coordinated campaigns using this approach, highlighting a growing trend of nation-state actors leveraging emerging tech for stealthy, resilient cyberattacks.