A North Korean state-sponsored hacking crew is now using public blockchains to host malicious payloads, data-analytics-id=”inline-link” href=”https://www.anrdoezrs.net/links/8900246/type/dlg/sid/tomshardware-us-2863304793775312773/https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding?linkId=17314585″ data-url=”https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding?linkId=17314585″ target=”_blank” referrerpolicy=”no-referrer-when-downgrade” rel=”sponsored noopener” data-hl-processed=”hawklinks” data-placeholder-url=”https://www.anrdoezrs.net/links/8900246/type/dlg/sid/hawk-custom-tracking/https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding?linkId=17314585″ data-google-interstitial=”false” data-merchant-name=”Google Cloud – North America” data-merchant-id=”273538″ data-merchant-network=”CJ” data-merchant-url=”cloud.google.com”>according to new research from data-analytics-id=”inline-link” href=”https://www.tomshardware.com/tag/google” data-auto-tag-linker=”true” data-before-rewrite-localise=”https://www.tomshardware.com/tag/google”>Google’s Threat Intelligence Group (GTIG). The campaign, which leverages a technique known as “EtherHiding,” is the first documented case of a nation-state actor adopting smart contract malware delivery to evade detection and disrupt takedowns.
Google attributes the activity to UNC5342, a group it links to the long-running “Contagious Interview” operation…
