Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

October 16, 2025

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems.
“UNC5142 is characterized by its use of compromised WordPress websites and ‘EtherHiding,’ a technique used

SOURCE:

Share the Post:

Related News

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

Related News

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks

Company

Services

Contact Us