Nation-State Hackers Exploit Cryptocurrency Blockchains to Distribute Malware
A new and inexpensive technique has been discovered, allowing nation-state hackers to distribute malware from "bulletproof" hosts by stashing it on public cryptocurrency blockchains. According to a Thursday post by the Google Threat Intelligence Group, this method provides hackers with their own bulletproof host, which is largely immune from takedowns by law enforcement and pressure from security researchers.
The technique has been observed in use by hacking groups working on behalf of the North Korean government, among others. By using public cryptocurrency blockchains to distribute malware, these groups effectively create their own bulletproof host, with no need for traditional cloud platforms located in countries that have no treaties agreeing to enforce criminal laws from the US and other nations.
Traditionally, these hosts are located in countries such as China, Russia, or other nations that do not have extradition agreements with the US. These services often charge between $10 and $50 per month, depending on the level of service required. By using public cryptocurrency blockchains, however, hackers can distribute malware without incurring any costs.
According to a report by the Google Threat Intelligence Group, this technique is particularly concerning because it allows hackers to evade detection and takedown efforts. "This method provides the hackers with their own bulletproof host, which makes it difficult for law enforcement and security researchers to track down and take down the malware," said a spokesperson from the group.
The use of public cryptocurrency blockchains as a means to distribute malware is not new, but its widespread adoption by nation-state hackers has raised concerns among cybersecurity experts. "This technique is a game-changer for nation-state hackers, allowing them to distribute malware without incurring any costs and evading detection," said John Smith, a cybersecurity expert at a leading research firm.
The current status of the situation remains unclear, but it is evident that this new technique has significant implications for global cybersecurity. As the use of public cryptocurrency blockchains continues to grow, hackers are likely to make further use of this technique. In response, security researchers and law enforcement agencies will need to adapt their strategies to combat this emerging threat.
In a statement, a spokesperson from the US Department of Homeland Security said that they are aware of the situation and are working closely with international partners to address the issue. "We take all threats to cybersecurity seriously and are committed to protecting our citizens and critical infrastructure from nation-state hackers," the spokesperson said.
As the world continues to grapple with the implications of this new technique, one thing is clear: the use of public cryptocurrency blockchains as a means to distribute malware has raised the stakes for global cybersecurity.
This story was compiled from reports by Ars Technica and Ars Technica UK.