Polygon smart contracts under attack, but the real danger may be just starting!

ambcrypto | Published 2026-01-17 | Updated 2026-01-17

Summary

Blockchain technology's growth is increasingly exploited by threat actors, as evidenced by the DeadLock ransomware. This group uses Polygon smart contracts to dynamically rotate server addresses, making their infrastructure more resilient and evading traditional disruption methods. This highlights a concerning shift where decentralized systems, originally designed to prevent centralized abuse, are now being weaponized. Security firm Group-IB warns this is part of an emerging trend, citing similar campaigns like North Korea's UNC5342 using "EtherHiding" on Ethereum. The abuse of smart contracts for malware distribution and ransomware operations signals a deeper, growing threat to blockchain networks.

As blockchain adoption continues to grow, so does its misuse.

At a fundamental level, the technology is widely used to improve liquidity and efficiency across industries. However, threat actors are now leveraging it to make their infrastructure more resilient and harder to disrupt.

DeadLock ransomware is a clear example of this shift. According to Group-IB research, DeadLock uses Polygon [POL] smart contracts to rotate server addresses, allowing it to evade traditional detection methods.

Naturally, this puts the broader decentralization narrative under scrutiny.

In this case, Polygon smart contracts are the ones under pressure. Why does this matter? Blockchain technology was originally designed to prevent the kind of abuse historically seen in traditional, centralized systems.

However, the use of Polygon smart contracts to support ransomware operations shows that decentralized infrastructure can also be exploited by threat actors, raising the question: What does this mean for the network?

Polygon smart contracts – Part of an emerging malware trend

Looking closely, DeadLock isn’t just another ransomware.

In a centralized system, stopping an attack can be as easy as flipping a switch. However, with decentralized setups like Polygon smart contracts, teams can’t just “turn it off” as the control is baked into the core of the network.

Notably, that’s exactly what this technique is taking advantage of. And now, imagine this as part of an “emerging trend” where more attacks are likely to leverage smart contracts across other blockchain platforms.

That brings us to what Group-IB analysts are warning about.

As shown in the chart above, Google recently reported that the North Korean (DPRK) threat actor UNC5342 used a technique called “EtherHiding.” This leverages blockchains to store and retrieve payloads.

Meanwhile, another campaign used Ethereum [ETH] smart contracts to download second-stage malware. In short, the DeadLock trick with Polygon smart contracts isn’t the end of this trend.

Instead, it could be just the start of deeper smart contract abuse.


Final Thoughts

  • DeadLock ransomware exploits Polygon smart contracts to rotate server addresses, showing how decentralized infrastructure can be abused.
  • Smart contract abuse is an emerging trend, with other campaigns like UNC5342 signaling deeper threats across blockchain platforms.

Related Questions

Q: What is the primary method used by DeadLock ransomware to evade detection, according to the article?

A: DeadLock ransomware uses Polygon smart contracts to rotate server addresses, allowing it to evade traditional detection methods.

Q: Why can't teams simply 'turn off' an attack when it uses decentralized setups like Polygon smart contracts?

A: Because the control is baked into the core of the network in decentralized setups, making it impossible to just 'turn it off' like in a centralized system.

Q: What emerging trend in malware attacks does the article highlight beyond the DeadLock case?

A: The article highlights an emerging trend where threat actors are leveraging smart contracts across various blockchain platforms to store and retrieve payloads or download malware, as seen with campaigns like UNC5342 using Ethereum smart contracts.

Q: Which threat actor used a technique called 'EtherHiding' to leverage blockchains, as mentioned in the article?

A: The North Korean (DPRK) threat actor UNC5342 used a technique called 'EtherHiding' to leverage blockchains for storing and retrieving payloads.

Q: What does the abuse of Polygon smart contracts by ransomware operations raise questions about?

A: It raises questions about the security and implications for the network, as decentralized infrastructure can be exploited by threat actors, contrary to blockchain's original design to prevent abuse in centralized systems.
