ExchangeDEX+

Buy Crypto Markets Spot FuturesBTC Earn Event Center

A newly discovered ransomware, DeadLock, is leveraging Polygon smart contracts to rotate proxy addresses and evade detection, according to researchers at cybersecurityA newly discovered ransomware, DeadLock, is leveraging Polygon smart contracts to rotate proxy addresses and evade detection, according to researchers at cybersecurity

DeadLock Ransomware Exploits Polygon Smart Contracts to Evade Takedowns in 2026

2026/01/16 20:30

A newly discovered ransomware, DeadLock, is leveraging Polygon smart contracts to rotate proxy addresses and evade detection, according to researchers at cybersecurity firm Group-IB.

Exploiting Blockchain Technology

DeadLock leverages Polygon smart contracts to not only keep but also vary the proxy server addresses, thereby complicating the detection and blocking of the malware’s communication channels. The ransomware calls a particular smart contract address for its interactions, changing the command, and, control infrastructure continuously. This method is very disturbing, especially in the context that it takes advantage of blockchain technology’s unchangeable and distributed nature.

Source: Group IB

Also Read: Polygon (POL) Signals Potential Reversal: Is a Rally Toward $0.1290 on the Horizon?

Evasion Techniques and Ransom Demands

When a victim’s device gets tricked by the evil trick, DeadLock locks the files and asks for a ransom, warning to sell the stolen data if the ransom is not paid. The ransomware employs an HTML file with a hidden Session private messenger for the communication with the threat actor. Group, IB states that DeadLock’s low visibility and no connection with known data leak sites or affiliate programs make it an underestimated risk, potentially.

https://twitter.com/GroupIB_TI/status/2011691959510069269?s=20

Also Read: Polygon (POL) Rallies 41% Weekly as Polymarket Surge Accelerates Network Burns

Weaponizing Smart Contracts

The use of smart contracts to commit crimes is nothing new. In the past, Group, IB disclosed a method called “EtherHiding, ” in which North Korean threat actors employed blockchain transactions to deposit and withdraw malicious payloads. The technique essentially converts the blockchain into a decentralized command, and, control server, thus posing a great challenge to its disruption. The DeadLock ransomware is a case in point of the changing face of cyber threats in the blockchain arena.

Also Read: Polygon Labs Buys Coinme and Sequence in $250M Stablecoin Payments Deal

Market Opportunity

Smart Blockchain Price(SMART)

$0.005076

$0.005076$0.005076

+2.17%

USD

Smart Blockchain (SMART) Live Price Chart

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.