'EtherHiding' hack uses Binance blockchain to extort WordPress users

Researchers at Guardio Labs have discovered a new attack called 'EtherHiding,' which uses Binance Smart Chain and Bullet-Proof Hosting to serve malicious code inside victims' web browsers.

Unlike the earlier suite of fake-update hacks that exploited WordPress, this variant uses a new tool: Binance's blockchain. Previously, non-blockchain variants interrupted a website visit with a realistic, browser-styled 'Update' prompt. The victim's mouse click installed malware.

Because Binance Smart Chain's programmability is cheap, fast, and poorly policed, hackers can serve a devastating payload of code directly from this blockchain.

To be clear, this is not a MetaMask attack. Hackers simply serve malicious code inside victims' web browsers that looks like any web page the hacker wishes to create, hosted and served in a way that cannot be stopped. Using Binance's blockchain to serve the code, hackers hit victims with a variety of extortion scams. Indeed, EtherHiding even targets victims who hold no crypto.

Hijacking the browser to steal your information

Over the past few months, fake browser updates have proliferated. Unsuspecting internet users encounter a believable, secretly compromised website. They see the fraudulent browser update and absentmindedly click 'Update.' Immediately, hackers install malware such as RedLine, Amadey, or Lumma. This type of malware, known as an 'infostealer,' often hides in Trojan attacks that have the superficial appearance of legitimate software.

The EtherHiding version of these WordPress-based update attacks uses a more powerful infostealer, ClearFake. Using ClearFake, EtherHiding injects JS code into unsuspecting users' computers.

In an earlier version of ClearFake, some of the code relied on CloudFlare servers. CloudFlare detected and removed that malicious code, which knocked out some of the ClearFake attack's functionality.

Unfortunately, the attackers have learned how to evade cybersecurity-minded hosts like CloudFlare. They found a perfect host in Binance.

The EtherHiding attack specifically redirects its traffic to Binance servers. It uses obfuscated Base64 code that queries Binance Smart Chain (BSC) and initializes a BSC contract with an address controlled by the attackers. Notably, it calls some software development kits (SDKs) such as Binance's eth_call, which simulate contract execution and can be used to call malicious code.
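The delivery pattern described above (a Base64-obfuscated script that queries a BSC contract through eth_call) can be looked for in the HTML a site serves. The Python below is an added example, not code from the article or from Guardio Labs; the function names, the sample page and the placeholder contract address are constructed for illustration.

```python
import base64
import binascii
import re

SCRIPT = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")   # long Base64-looking literals
ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}\b")        # 20-byte contract address

def decode_layers(text, depth=0, max_depth=3):
    """Yield (depth, text) for the text and each Base64 literal that decodes to UTF-8."""
    yield depth, text
    if depth == max_depth:
        return
    for run in B64_RUN.findall(text):
        try:
            padded = run + "=" * (-len(run) % 4)
            decoded = base64.b64decode(padded, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not Base64 text, e.g. a long identifier or path
        yield from decode_layers(decoded, depth + 1, max_depth)

def scan_page(html):
    """Report inline scripts that reference eth_call, in clear text or behind Base64."""
    findings = []
    for number, body in enumerate(SCRIPT.findall(html), 1):
        for depth, layer in decode_layers(body):
            if "eth_call" in layer:
                findings.append({
                    "script": number,
                    "obfuscated": depth > 0,
                    "contracts": sorted(set(ADDRESS.findall(layer))),
                })
    return findings

# Constructed sample: placeholder address and a JSON-RPC body hidden in Base64.
CONSTRUCTED_ADDR = "0x" + "ab" * 20
_body = '{"jsonrpc":"2.0","method":"eth_call","params":[{"to":"%s"},"latest"]}' % CONSTRUCTED_ADDR
SAMPLE_PAGE = (
    "<html><script>console.log('theme loaded');</script>"
    '<script>var cfg = atob("%s");</script></html>'
    % base64.b64encode(_body.encode()).decode()
)

if __name__ == "__main__":
    for finding in scan_page(SAMPLE_PAGE):
        print(finding)
```

A hit with `obfuscated` set on a site that has no blockchain features is worth investigating; clear-text eth_call on a legitimate dApp page is expected and is reported separately for that reason.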

As Guardio Labs researchers urged in their Medium posts, Binance could mitigate this attack by disabling queries to addresses it has already flagged as malicious, or by disabling the eth_call SDK.

For its part, Binance has flagged some ClearFake smart contracts as malicious on BSCScan, the dominant Binance Smart Chain explorer. Here, it warns blockchain explorers that the attacker's addresses are part of a phishing attack.

However, it provides little useful information about the form the attack takes. Specifically, BSCScan does not display warnings to the actual victims where the hacks occur: in their web browsers.

Web browser tips to avoid EtherHiding

WordPress has become notorious as a target for attackers, with a third of all websites using the platform.

  • Unfortunately, about a fifth of WordPress websites have not been updated to the latest version, which exposes internet surfers to malware like EtherHiding.
  • Website administrators should implement robust security measures such as keeping login credentials secure, removing compromised plugins, protecting passwords, and limiting admin access.
  • WordPress administrators should update WordPress and its plugins daily, and avoid using plugins with vulnerabilities.
  • WordPress administrators should also avoid using 'admin' as the username for their WordPress administration accounts.

Beyond that, the EtherHiding/ClearFake attack is difficult to block. Internet users simply need to be wary of any unexpected 'Your browser needs an update' notice, especially when visiting a website that uses WordPress. Users should only update their browser from the browser's own settings area, not by clicking a button on a website, no matter how realistic it appears.

Source: https://protos.com/etherhiding-hack-uses-binance-blockchain-to-extort-wordpress-users/