Recently, the security team discovered ransomware called DeadLock that is causing trouble. This malware has been active since July. The most interesting part is its approach: it uses Polygon smart contracts to store and update proxy server addresses.



What are the benefits of doing this? Hackers can dynamically rotate command-and-control (C&C) infrastructure to prevent shutdowns. With traditional methods, tracking down the C&C servers often cuts off the hacker's control chain, but a smart contract acts as a distributed address database, which makes this significantly more difficult.

Infected victims will have their data encrypted, followed by the usual ransom process: pay the ransom to decrypt, or the data will be posted online for sale. This shows that cybercriminals are becoming increasingly familiar with blockchain technology and are beginning to leverage on-chain features to enhance their criminal activities. For Web3 users, this is indeed a security signal worth paying attention to.
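The post describes proxy addresses being read from a Polygon contract. The example below is added here, not taken from the post or from any analysis of DeadLock; it flags that pattern in egress logs: a contract-state read over JSON-RPC from a host with no Web3 role, followed by the same process contacting a destination the host has never contacted before. The log schema, host and process names, RPC watch list and 60-second window are assumptions.

```python
import json

# Assumptions: watch list of public Polygon JSON-RPC hosts and the JSON-RPC
# methods that read contract state; extend both for your environment.
POLYGON_RPC_HOSTS = {"polygon-rpc.com", "polygon-mainnet.infura.io"}
READ_METHODS = {"eth_call", "eth_getStorageAt", "eth_getLogs"}

def find_contract_lookups(log_lines, web3_allowed, window_s=60):
    """Flag a contract read from a non-Web3 host that is followed, within
    window_s seconds, by the same process contacting a never-seen destination."""
    events = sorted((json.loads(l) for l in log_lines), key=lambda e: e["ts"])
    seen, pending, findings = {}, {}, []
    for e in events:
        src, dst = e["src"], e["dest"]
        first_seen = dst not in seen.setdefault(src, set())
        seen[src].add(dst)
        if dst in POLYGON_RPC_HOSTS:
            if src not in web3_allowed and e.get("rpc_method") in READ_METHODS:
                pending[src] = e  # remember the most recent contract read
            continue
        read = pending.get(src)
        if (read and first_seen and e["proc"] == read["proc"]
                and e["ts"] - read["ts"] <= window_s):
            findings.append({"src": src, "proc": e["proc"],
                             "rpc_host": read["dest"], "next_hop": dst,
                             "delay_s": e["ts"] - read["ts"]})
            del pending[src]
    return findings

# Constructed sample records: hypothetical hosts and processes, RFC 5737 addresses.
SAMPLE_LOG = [
    '{"ts": 900, "src": "ws-014", "proc": "svc.exe", "dest": "intranet.example", "rpc_method": null}',
    '{"ts": 1000, "src": "ws-014", "proc": "svc.exe", "dest": "polygon-rpc.com", "rpc_method": "eth_call"}',
    '{"ts": 1012, "src": "ws-014", "proc": "svc.exe", "dest": "203.0.113.50", "rpc_method": null}',
    '{"ts": 1100, "src": "dev-007", "proc": "node", "dest": "polygon-rpc.com", "rpc_method": "eth_call"}',
    '{"ts": 1105, "src": "dev-007", "proc": "node", "dest": "198.51.100.7", "rpc_method": null}',
    '{"ts": 2000, "src": "ws-022", "proc": "app.exe", "dest": "polygon-mainnet.infura.io", "rpc_method": "eth_getLogs"}',
    '{"ts": 2500, "src": "ws-022", "proc": "app.exe", "dest": "192.0.2.9", "rpc_method": null}',
]
WEB3_ALLOWED = {"dev-007"}  # hosts expected to talk to blockchain RPC endpoints

if __name__ == "__main__":
    for finding in find_contract_lookups(SAMPLE_LOG, WEB3_ALLOWED):
        print(finding)
```

The `rpc_method` field is only available where the proxy inspects TLS; without it, the hostname match and the first-seen follow-on connection are the usable signals.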
LiquidationWatchervip
· 01-18 10:49
yo this deadlock thing on polygon is actually giving me 2022 flashbacks ngl... smart contracts being weaponized as c&c infrastructure? that's a whole new level of chaos we weren't prepared for. watched too many positions get rekt already, now gotta worry about ransomware using the chain itself against us. not financial advice but seriously... check ur health factors and backup everything offline
liquidation_watchervip
· 01-16 03:53
Hackers are now playing with Polygon. These days, even ransomware needs to understand smart contracts. Truly impressive.
NoodlesOrTokensvip
· 01-16 03:52
This hacker really learned the technology we haven't fully understood yet. Polygon has been played around by black industry, it's quite impressive. By the way, using on-chain stored addresses for this move is indeed hard to defend against... I'm scared. Wait, does this mean our understanding of blockchain is not deep enough? Using smart contracts as a springboard, how come black industry minds are so clever? Data is sold if ransom isn't paid, this move is too ruthless. Why does it always feel like black industry is one step ahead of security teams? DeadLock, this name sounds unsafe. Web3 users need to be more cautious, this time is different.
LiquidityWitchvip
· 01-16 03:52
Hackers are using Polygon to cause trouble, turning the pursuit into a cat-and-mouse game.
AirdropHuntressvip
· 01-16 03:33
Hackers are starting to play C&C hide and seek with smart contracts, and this move is indeed ruthless. Polygon is being used this way, making future tracking exponentially more difficult, as the cost to crack the distributed address database is too high. Web3 users need to be more vigilant, not only guarding against rug pulls but also against ransomware. The on-chain features are being exploited more and more by malicious actors, which is a real threat signal. What does this imply? Criminal enterprises are no longer amateurs; they are beginning to systematically exploit the anonymity and immutability of blockchain. It is worth investigating and tracking the flow of funds in these malicious contracts.