Polygon smart contracts under attack, but the real danger may be just starting!

ambcrypto | Published on 2026-01-17 | Last updated on 2026-01-17

Summary

Blockchain technology's growth is increasingly exploited by threat actors, as evidenced by the DeadLock ransomware. This group uses Polygon smart contracts to dynamically rotate server addresses, making their infrastructure more resilient and evading traditional disruption methods. This highlights a concerning shift where decentralized systems, originally designed to prevent centralized abuse, are now being weaponized. Security firm Group-IB warns this is part of an emerging trend, citing similar campaigns like North Korea's UNC5342 using "EtherHiding" on Ethereum. The abuse of smart contracts for malware distribution and ransomware operations signals a deeper, growing threat to blockchain networks.

As blockchain adoption continues to grow, so does its misuse.

At a fundamental level, the technology is widely used to improve liquidity and efficiency across industries. However, threat actors are now leveraging it to make their infrastructure more resilient and harder to disrupt.

DeadLock ransomware is a clear example of this shift. According to Group-IB research, DeadLock uses Polygon [POL] smart contracts to rotate server addresses, allowing it to evade traditional detection methods.

Naturally, this puts the broader decentralization narrative under scrutiny.

In this case, Polygon smart contracts are the ones under pressure. Why does this matter? Blockchain technology was originally designed to prevent the kind of abuse historically seen in traditional, centralized systems.

However, the use of Polygon smart contracts to support ransomware operations shows that decentralized infrastructure can also be exploited by threat actors, raising the question: What does this mean for the network?

Polygon smart contracts – Part of an emerging malware trend

Looking closely, DeadLock isn’t just another ransomware.

In a centralized system, stopping an attack can be as easy as flipping a switch. However, with decentralized setups like Polygon smart contracts, teams can’t just “turn it off” as the control is baked into the core of the network.

Notably, that’s exactly what this technique is taking advantage of. And now, imagine this as part of an “emerging trend” where more attacks are likely to leverage smart contracts across other blockchain platforms.

That brings us to what Group-IB analysts are warning about.

As shown in the chart above, Google recently reported that the North Korean (DPRK) threat actor UNC5342 used a technique called “EtherHiding.” This leverages blockchains to store and retrieve payloads.

Meanwhile, another campaign used Ethereum [ETH] smart contracts to download second-stage malware. In short, the DeadLock trick with Polygon smart contracts isn’t the end of this trend.

Instead, it could be just the start of deeper smart contract abuse.
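
Since the contract cannot be switched off, the practical control point is the lookup itself: reading a contract from a Polygon or Ethereum node is a JSON-RPC request such as `eth_call`. The following is an added example, not code from the article or from Group-IB, that scans proxy logs for such read calls from hosts outside an allow-list; the log format (a TLS-inspecting proxy that records request bodies), host names, allow-list and contract address are constructed assumptions.

```python
import json
from collections import defaultdict

# EVM JSON-RPC methods that read chain state without sending a transaction.
READ_METHODS = {"eth_call", "eth_getStorageAt", "eth_getLogs"}
# Assumption: hosts with a legitimate reason to query a node (hypothetical name).
ALLOWED_HOSTS = {"treasury-ws-01"}

def rpc_reads(body):
    """Yield the contract targeted by each read call (single or batched JSON-RPC)."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return
    for call in doc if isinstance(doc, list) else [doc]:
        if not isinstance(call, dict) or call.get("method") not in READ_METHODS:
            continue
        params = call.get("params")
        first = params[0] if isinstance(params, list) and params else None
        # eth_call: params[0]["to"]; eth_getLogs: ["address"]; eth_getStorageAt: params[0]
        if isinstance(first, dict):
            first = first.get("to") or first.get("address")
        yield str(first).lower() if first else "unknown"

def hunt(log_lines):
    """Map each non-allow-listed source host to the contracts it read."""
    hits = defaultdict(set)
    for line in log_lines:
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # truncated or non-JSON log line
        if not isinstance(rec, dict) or rec.get("src_host") in ALLOWED_HOSTS:
            continue
        for contract in rpc_reads(rec.get("body")):
            hits[rec.get("src_host", "unknown")].add(contract)
    return {host: sorted(found) for host, found in hits.items()}

# Constructed sample proxy log; host names and the address are placeholders.
CONTRACT = "0x" + "ab" * 20
CALL = {"jsonrpc": "2.0", "id": 1, "method": "eth_call",
        "params": [{"to": CONTRACT, "data": "0x"}, "latest"]}
def _rec(src, body):
    return json.dumps({"src_host": src, "dest_host": "rpc.example.net", "body": body})
SAMPLE = [
    _rec("treasury-ws-01", json.dumps(CALL)),                               # expected user
    _rec("hr-laptop-17", json.dumps([{"method": "eth_blockNumber"}, CALL])),  # batched read
    _rec("build-srv-02", "name=alice&role=admin"),                          # ordinary POST
    "{truncated",
]
```

Calling `hunt(SAMPLE)` reports only `hr-laptop-17`, together with the contract address it read; that address is the pivot for blocking and for finding other hosts performing the same lookup.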


Final Thoughts

  • DeadLock ransomware exploits Polygon smart contracts to rotate server addresses, showing how decentralized infrastructure can be abused.
  • Smart contract abuse is an emerging trend, with other campaigns like UNC5342 signaling deeper threats across blockchain platforms.

Related Questions

Q: What is the primary method used by DeadLock ransomware to evade detection, according to the article?

A: DeadLock ransomware uses Polygon smart contracts to rotate server addresses, allowing it to evade traditional detection methods.

Q: Why can't teams simply 'turn off' an attack when it uses decentralized setups like Polygon smart contracts?

A: Because the control is baked into the core of the network in decentralized setups, making it impossible to just 'turn it off' like in a centralized system.

Q: What emerging trend in malware attacks does the article highlight beyond the DeadLock case?

A: The article highlights an emerging trend where threat actors are leveraging smart contracts across various blockchain platforms to store and retrieve payloads or download malware, as seen with campaigns like UNC5342 using Ethereum smart contracts.

Q: Which threat actor used a technique called 'EtherHiding' to leverage blockchains, as mentioned in the article?

A: The North Korean (DPRK) threat actor UNC5342 used a technique called 'EtherHiding' to leverage blockchains for storing and retrieving payloads.

Q: What does the abuse of Polygon smart contracts by ransomware operations raise questions about?

A: It raises questions about the security and implications for the network, as decentralized infrastructure can be exploited by threat actors, contrary to blockchain's original design to prevent abuse in centralized systems.
