{"id":17930,"date":"2025-10-16T14:52:00","date_gmt":"2025-10-16T14:52:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/"},"modified":"2025-10-16T14:52:00","modified_gmt":"2025-10-16T14:52:00","slug":"hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems.<br \/>\n&#8220;UNC5142 is characterized by its use of compromised WordPress websites and &#8216;EtherHiding,&#8217; a technique used<a href=\"https:\/\/thehackernews.com\/2025\/10\/hackers-abuse-blockchain-smart.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. &#8220;UNC5142 is characterized by its use of compromised WordPress websites and &#8216;EtherHiding,&#8217; a technique [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17931,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-17930","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. &quot;UNC5142 is characterized by its use of compromised WordPress websites and &#039;EtherHiding,&#039; a technique\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. &quot;UNC5142 is characterized by its use of compromised WordPress websites and &#039;EtherHiding,&#039; a technique\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-10-16T14:52:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-10-16T14:52:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. &quot;UNC5142 is characterized by its use of compromised WordPress websites and &#039;EtherHiding,&#039; a technique\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/blockchain-malware-B8fky3.jpg\",\"width\":900,\"height\":470},\"datePublished\":\"2025-10-16T14:52:00+00:00\",\"dateModified\":\"2025-10-16T14:52:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. \\\"UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/10\\\/blockchain-malware-B8fky3.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":900,\"height\":470},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/10\\\/16\\\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-10-16T14:52:00+00:00\",\"dateModified\":\"2025-10-16T14:52:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. \"UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#blogposting","name":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/10\/blockchain-malware-B8fky3.jpg","width":900,"height":470},"datePublished":"2025-10-16T14:52:00+00:00","dateModified":"2025-10-16T14:52:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#listItem","name":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/","name":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. \"UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/10\/blockchain-malware-B8fky3.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#mainImage","width":900,"height":470},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-10-16T14:52:00+00:00","dateModified":"2025-10-16T14:52:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. &quot;UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-10-16T14:52:00+00:00","article:modified_time":"2025-10-16T14:52:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. &quot;UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique"},"aioseo_meta_data":{"post_id":"17930","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-10-16 16:08:47","updated":"2025-10-16 16:08:47","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tHackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/10\/16\/hackers-abuse-blockchain-smart-contracts-to-spread-malware-via-infected-wordpress-sites-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17930","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=17930"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/17930\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/17931"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=17930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=17930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=17930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}