Home
News
Details

DeadLock Ransomware Uses Polygon Smart Contracts to Evade Tracking

iconKuCoinFlash
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
MATIC
$0.369578--
AI summary iconSummary

expand icon
DeadLock ransomware is utilizing smart contracts on the Polygon network to rotate proxy server addresses and evade detection. First observed in July 2025, the malware uses JavaScript to interact with Polygon through RPC lists, retrieving server addresses from attacker-controlled nodes. This method is similar to EtherHiding, aiming to establish censorship-resistant communication. Three variants have emerged, with the latest using the encrypted app Session to contact victims. Security experts emphasize the importance of smart contract audits to prevent such exploits.

Odaily Planet News: According to monitoring by Group-IB, the DeadLock ransomware family is now using Polygon smart contracts to distribute and rotate proxy server addresses in order to evade security detection. The malware was first discovered in July 2025. It embeds JavaScript code in HTML files to interact with the Polygon network, using an RPC list as a gateway to obtain server addresses controlled by the attackers. This technique is similar to the previously discovered EtherHiding, aiming to leverage decentralized ledgers to build communication channels that are difficult to block. DeadLock has now produced at least three variants, with the latest version embedding the encrypted communication app Session to directly communicate with victims.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.