MultitinkOct 19, 2023
web3 is going just great

Hackers host malicious code on Binance chain to circumvent takedowns

October 13, 2023
https://web3isgoinggreat.com/?id=hackers-host-malicious-code-on-binance-chain-to-circumvent-takedowns

Hackers host malicious code on Binance chain to circumvent takedowns

An otherwise very "web2" hack has taken on a web3 twist as hackers have started to store malicious code on the blockchain. Attackers first compromise WordPress websites, then show a screen to visitors telling them they need to update their browser to view the website. When the visitor does so, the site downloads malware which then harvests information like login credentials.Attackers previously stored the malicious code on typical webhosting services, but those services began to take it down. Now, some have started using Binance's blockchain to store these payloads, taking advantage of the immutable nature of blockchains to prevent anyone from taking it down.

Web3 is Going Just Great
Oct 16, 2023 at 2:20pmWeb
Show threadVeebsOct 16, 2023
@web3isgreat OUTSTANDING 👏
Show threadBrianKrebsOct 16, 2023
@web3isgreat This such an incredible write-up. Super interesting topic. Thank you!
Show threadyokem55Oct 16, 2023
@briankrebs @web3isgreat The browser in this case is not really doing a censorship resistant p2p query of the chain for the hack payload. The configured Binance jsonrpc gateway is doing that on behalf of the ethers.js client in the hacked wordpress install, and that server could fairly easily censor the calls to that contract. To get actual censorship resistant access to that contract's storage, the browser would need to be running its own full bsc node that needs multiple TB of space and a few weeks to sync.
Show threadKhosumiOct 16, 2023
@web3isgreat was only a matter of time.
Show threadstux⚡️Oct 16, 2023

@web3isgreat Pff.. another great use of the BlockChain  

Each day new methods arise to use the BlockChain for even dumber purposes but I have still to see an example that actually makes it "worth it" ⚡

Show threadmigrating to @[email protected]Oct 16, 2023
@stux @web3isgreat its not dumb, its smart! Its just a malicious use done smart.
I feel neg abt the chain, but I like the hackers alr
Show threadstux⚡️Oct 16, 2023

@aprl @web3isgreat Yeah but it's gonna costs a lot of people..

So in a way it's pretty dumb this is possible 

Show threadK4mpfieOct 16, 2023
@web3isgreat In 2013 German chancellor Merkel said "The Internet is uncharted terrain" meaning we don't really know the beast we are dealing with. People were laughing at her for those seemingly silly remarks but the more developments we see, the more I really think she was right about that statement.
Show threadcultdevOct 16, 2023
@web3isgreat forever the dominant web3 use case: enabling criminality
Show threadHardyOct 17, 2023
@fallenhitokiri ping
The website links through to an interesting blog.