Buy CryptoMarketsSpotFuturesUSOILEarnEvent Centre
More
Gold vs Crypto
The post XRP, other crypto assets targeted in EtherHiding attack appeared on BitcoinEthereumNews.com. North Korean threat actors have adopted a blockchain-based technique called EtherHiding to deliver malware designed to steal cryptocurrency including XRP. Summary Hackers embed malicious code in smart contracts to steal XRP and other crypto. EtherHiding evades takedowns by hosting malware on decentralized blockchains. Fake recruiters trick developers into installing malware during job interviews. According to Google’s Threat Intelligence Group, this is the first time GTIG has observed a nation-state actor using this method. The method embeds malicious JavaScript payloads inside blockchain smart contracts to create resilient command-and-control servers. The EtherHiding technique targets developers in cryptocurrency and technology sectors through social engineering campaigns tracked as “Contagious Interview.” The campaign has led to numerous cryptocurrency heists affecting XRP (XRP) holders and users of other digital assets. Blockchain-based attack infrastructure evades detection EtherHiding stores malicious code on decentralized and permissionless blockchains and removes central servers that law enforcement or cybersecurity firms can take down. Attackers controlling smart contracts can update malicious payloads at any time and maintain persistent access to compromised systems. Security researchers can tag contracts as malicious on blockchain scanners like BscScan, but malicious activity continues regardless of these warnings. Google’s report describes EtherHiding as a “shift towards next-generation bulletproof hosting” where blockchain technology features enable malicious purposes. When users interact with compromised sites, the code activates to steal XRP, other cryptocurrencies, and sensitive data. The compromised websites communicate with blockchain networks using read-only functions that avoid creating ledger transactions. This minimizes detection and transaction fees. Sophisticated social engineering The Contagious Interview campaign centers on social engineering tactics that mimicks legitimate recruitment processes through fake recruiters and fabricated companies. Fake recruiters lure candidates onto platforms like Telegram or Discord, then deliver malware through deceptive coding tests or fake software downloads disguised as technical assessments. The campaign employs multi-stage malware infection, including… The post XRP, other crypto assets targeted in EtherHiding attack appeared on BitcoinEthereumNews.com. North Korean threat actors have adopted a blockchain-based technique called EtherHiding to deliver malware designed to steal cryptocurrency including XRP. Summary Hackers embed malicious code in smart contracts to steal XRP and other crypto. EtherHiding evades takedowns by hosting malware on decentralized blockchains. Fake recruiters trick developers into installing malware during job interviews. According to Google’s Threat Intelligence Group, this is the first time GTIG has observed a nation-state actor using this method. The method embeds malicious JavaScript payloads inside blockchain smart contracts to create resilient command-and-control servers. The EtherHiding technique targets developers in cryptocurrency and technology sectors through social engineering campaigns tracked as “Contagious Interview.” The campaign has led to numerous cryptocurrency heists affecting XRP (XRP) holders and users of other digital assets. Blockchain-based attack infrastructure evades detection EtherHiding stores malicious code on decentralized and permissionless blockchains and removes central servers that law enforcement or cybersecurity firms can take down. Attackers controlling smart contracts can update malicious payloads at any time and maintain persistent access to compromised systems. Security researchers can tag contracts as malicious on blockchain scanners like BscScan, but malicious activity continues regardless of these warnings. Google’s report describes EtherHiding as a “shift towards next-generation bulletproof hosting” where blockchain technology features enable malicious purposes. When users interact with compromised sites, the code activates to steal XRP, other cryptocurrencies, and sensitive data. The compromised websites communicate with blockchain networks using read-only functions that avoid creating ledger transactions. This minimizes detection and transaction fees. Sophisticated social engineering The Contagious Interview campaign centers on social engineering tactics that mimicks legitimate recruitment processes through fake recruiters and fabricated companies. Fake recruiters lure candidates onto platforms like Telegram or Discord, then deliver malware through deceptive coding tests or fake software downloads disguised as technical assessments. The campaign employs multi-stage malware infection, including…

XRP, other crypto assets targeted in EtherHiding attack

Author: BitcoinEthereumNews
Source: BitcoinEthereumNews
2025/10/19 01:01
2 min read
XRP
XRP$1.387+1.21%
SMART
SMART$0.00416-2.41%
TAKE
TAKE$0.02063-0.33%
TAG
TAG$0.0004675+4.96%
For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

North Korean threat actors have adopted a blockchain-based technique called EtherHiding to deliver malware designed to steal cryptocurrency including XRP.

Summary

  • Hackers embed malicious code in smart contracts to steal XRP and other crypto.
  • EtherHiding evades takedowns by hosting malware on decentralized blockchains.
  • Fake recruiters trick developers into installing malware during job interviews.

According to Google’s Threat Intelligence Group, this is the first time GTIG has observed a nation-state actor using this method.

The method embeds malicious JavaScript payloads inside blockchain smart contracts to create resilient command-and-control servers.

The EtherHiding technique targets developers in cryptocurrency and technology sectors through social engineering campaigns tracked as “Contagious Interview.”

The campaign has led to numerous cryptocurrency heists affecting XRP (XRP) holders and users of other digital assets.

Blockchain-based attack infrastructure evades detection

EtherHiding stores malicious code on decentralized and permissionless blockchains and removes central servers that law enforcement or cybersecurity firms can take down.

Attackers controlling smart contracts can update malicious payloads at any time and maintain persistent access to compromised systems.

Security researchers can tag contracts as malicious on blockchain scanners like BscScan, but malicious activity continues regardless of these warnings.

Google’s report describes EtherHiding as a “shift towards next-generation bulletproof hosting” where blockchain technology features enable malicious purposes.

When users interact with compromised sites, the code activates to steal XRP, other cryptocurrencies, and sensitive data.

The compromised websites communicate with blockchain networks using read-only functions that avoid creating ledger transactions. This minimizes detection and transaction fees.

Sophisticated social engineering

The Contagious Interview campaign centers on social engineering tactics that mimicks legitimate recruitment processes through fake recruiters and fabricated companies.

Fake recruiters lure candidates onto platforms like Telegram or Discord, then deliver malware through deceptive coding tests or fake software downloads disguised as technical assessments.

The campaign employs multi-stage malware infection, including JADESNOW, BEAVERTAIL, and INVISIBLEFERRET variants affecting Windows, macOS, and Linux systems.

Victims believe they’re participating in legitimate job interviews while unknowingly downloading malware designed to gain persistent access to corporate networks and steal cryptocurrency holdings.

Source: https://crypto.news/xrp-crypto-assets-targeted-etherhiding-attack/

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

Is Doge Losing Steam As Traders Choose Pepeto For The Best Crypto Investment?

Is Doge Losing Steam As Traders Choose Pepeto For The Best Crypto Investment?

The post Is Doge Losing Steam As Traders Choose Pepeto For The Best Crypto Investment? appeared on BitcoinEthereumNews.com. Crypto News 17 September 2025 | 17:39 Is dogecoin really fading? As traders hunt the best crypto to buy now and weigh 2025 picks, Dogecoin (DOGE) still owns the meme coin spotlight, yet upside looks capped, today’s Dogecoin price prediction says as much. Attention is shifting to projects that blend culture with real on-chain tools. Buyers searching “best crypto to buy now” want shipped products, audits, and transparent tokenomics. That frames the true matchup: dogecoin vs. Pepeto. Enter Pepeto (PEPETO), an Ethereum-based memecoin with working rails: PepetoSwap, a zero-fee DEX, plus Pepeto Bridge for smooth cross-chain moves. By fusing story with tools people can use now, and speaking directly to crypto presale 2025 demand, Pepeto puts utility, clarity, and distribution in front. In a market where legacy meme coin leaders risk drifting on sentiment, Pepeto’s execution gives it a real seat in the “best crypto to buy now” debate. First, a quick look at why dogecoin may be losing altitude. Dogecoin Price Prediction: Is Doge Really Fading? Remember when dogecoin made crypto feel simple? In 2013, DOGE turned a meme into money and a loose forum into a movement. A decade on, the nonstop momentum has cooled; the backdrop is different, and the market is far more selective. With DOGE circling ~$0.268, the tape reads bearish-to-neutral for the next few weeks: hold the $0.26 shelf on daily closes and expect choppy range-trading toward $0.29–$0.30 where rallies keep stalling; lose $0.26 decisively and momentum often bleeds into $0.245 with risk of a deeper probe toward $0.22–$0.21; reclaim $0.30 on a clean daily close and the downside bias is likely neutralized, opening room for a squeeze into the low-$0.30s. Source: CoinMarketcap / TradingView Beyond the dogecoin price prediction, DOGE still centers on payments and lacks native smart contracts; ZK-proof verification is proposed,…
Share
BitcoinEthereumNews2025/09/18 00:14
Wormhole launches reserve tying protocol revenue to token

Wormhole launches reserve tying protocol revenue to token

The post Wormhole launches reserve tying protocol revenue to token appeared on BitcoinEthereumNews.com. Wormhole is changing how its W token works by creating a new reserve designed to hold value for the long term. Announced on Wednesday, the Wormhole Reserve will collect onchain and offchain revenues and other value generated across the protocol and its applications (including Portal) and accumulate them into W, locking the tokens within the reserve. The reserve is part of a broader update called W 2.0. Other changes include a 4% targeted base yield for tokenholders who stake and take part in governance. While staking rewards will vary, Wormhole said active users of ecosystem apps can earn boosted yields through features like Portal Earn. The team stressed that no new tokens are being minted; rewards come from existing supply and protocol revenues, keeping the cap fixed at 10 billion. Wormhole is also overhauling its token release schedule. Instead of releasing large amounts of W at once under the old “cliff” model, the network will shift to steady, bi-weekly unlocks starting October 3, 2025. The aim is to avoid sharp periods of selling pressure and create a more predictable environment for investors. Lockups for some groups, including validators and investors, will extend an additional six months, until October 2028. Core contributor tokens remain under longer contractual time locks. Wormhole launched in 2020 as a cross-chain bridge and now connects more than 40 blockchains. The W token powers governance and staking, with a capped supply of 10 billion. By redirecting fees and revenues into the new reserve, Wormhole is betting that its token can maintain value as demand for moving assets and data between chains grows. This is a developing story. This article was generated with the assistance of AI and reviewed by editor Jeffrey Albus before publication. Get the news in your inbox. Explore Blockworks newsletters: Source: https://blockworks.co/news/wormhole-launches-reserve
Share
BitcoinEthereumNews2025/09/18 01:55
Cryptos Signal Divergence Ahead of Fed Rate Decision

Cryptos Signal Divergence Ahead of Fed Rate Decision

The post Cryptos Signal Divergence Ahead of Fed Rate Decision appeared on BitcoinEthereumNews.com. Crypto assets send conflicting signals ahead of the Federal Reserve’s September rate decision. On-chain data reveals a clear decrease in Bitcoin and Ethereum flowing into centralized exchanges, but a sharp increase in altcoin inflows. The findings come from a Tuesday report by CryptoQuant, an on-chain data platform. The firm’s data shows a stark divergence in coin volume, which has been observed in movements onto centralized exchanges over the past few weeks. Bitcoin and Ethereum Inflows Drop to Multi-Month Lows Sponsored Sponsored Bitcoin has seen a dramatic drop in exchange inflows, with the 7-day moving average plummeting to 25,000 BTC, its lowest level in over a year. The average deposit per transaction has fallen to 0.57 BTC as of September. This suggests that smaller retail investors, rather than large-scale whales, are responsible for the recent cash-outs. Ethereum is showing a similar trend, with its daily exchange inflows decreasing to a two-month low. CryptoQuant reported that the 7-day moving average for ETH deposits on exchanges is around 783,000 ETH, the lowest in two months. Other Altcoins See Renewed Selling Pressure In contrast, other altcoin deposit activity on exchanges has surged. The number of altcoin deposit transactions on centralized exchanges was quite steady in May and June of this year, maintaining a 7-day moving average of about 20,000 to 30,000. Recently, however, that figure has jumped to 55,000 transactions. Altcoins: Exchange Inflow Transaction Count. Source: CryptoQuant CryptoQuant projects that altcoins, given their increased inflow activity, could face relatively higher selling pressure compared to BTC and ETH. Meanwhile, the balance of stablecoins on exchanges—a key indicator of potential buying pressure—has increased significantly. The report notes that the exchange USDT balance, around $273 million in April, grew to $379 million by August 31, marking a new yearly high. CryptoQuant interprets this surge as a reflection of…
Share
BitcoinEthereumNews2025/09/18 01:01