BTC $62,554.15 -0.78%
ETH $1,783.64 -0.03%
BNB $569.24 +0.02%
XRP $1.06 -0.99%
SOL $74.97 -2.09%
TRX $0.3245 -1.64%
DOGE $0.0720 -0.33%
ADA $0.1583 -0.99%
BCH $235.87 -0.96%
LINK $7.91 -0.90%
HYPE $63.51 -2.23%
AAVE $96.24 +1.02%
SUI $0.7296 -0.41%
XLM $0.1781 -3.00%
ZEC $503.59 -2.26%
BTC $62,554.15 -0.78%
ETH $1,783.64 -0.03%
BNB $569.24 +0.02%
XRP $1.06 -0.99%
SOL $74.97 -2.09%
TRX $0.3245 -1.64%
DOGE $0.0720 -0.33%
ADA $0.1583 -0.99%
BCH $235.87 -0.96%
LINK $7.91 -0.90%
HYPE $63.51 -2.23%
AAVE $96.24 +1.02%
SUI $0.7296 -0.41%
XLM $0.1781 -3.00%
ZEC $503.59 -2.26%

黑客利用以太坊智能合约隐藏恶意软件,绕过安全检测

2025-09-04 12:04:52
收藏

ChainCatcher 消息,据 ReversingLabs 研究人员披露,7 月发布的 NPM 包 “colortoolsv 2” 和 “mimelib 2” 利用以太坊智能合约隐藏恶意 URL,避免安全扫描。这些软件包作为下载器运行,从智能合约中获取命令与控制服务器地址,再下载二阶段恶意软件,使区块链流量看似合法,从而加大检测难度。

研究指出,这是首次发现以太坊智能合约被用于托管恶意命令 URL,显示攻击者在开源仓库中规避检测的策略正快速演化。

app_icon
ChainCatcher 与创新者共建Web3世界