Post · bonfire.cafe

⚠️ Hackers Abuse #Blockchain Smart Contracts to Spread #Malware via Infected #WordPress Sites

｢ On Windows systems, the malicious command entails the execution of an HTML Application (HTA) file downloaded from a MediaFire URL, which then drops a PowerShell script to sidestep defenses, fetch the encrypted final payload from either GitHub or MediaFire, or their own infrastructure in some cases, and run the stealer directly in memory without writing the artifact to disk ｣

https://thehackernews.com/2025/10/hackers-abuse-blockchain-smart.html

The Hacker News

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

UNC5142 exploits blockchain smart contracts and WordPress flaws to deliver stealer malware worldwide.

Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.21 no JS en

Automatic federation enabled

Login