A new ransomware called “DeadLock” is using Polygon smart contracts to distribute proxy addresses, according to Group-IB. The ransomware, discovered in July, has low exposure but innovative methods that could be dangerous. DeadLock leverages smart contracts to store proxy server addresses, making it difficult to disrupt infrastructure. North Korean threat actors are also using smart contracts for malware dissemination, a tactic called “EtherHiding” identified by Google. This technique involves storing and retrieving malicious payloads on public blockchains, turning the blockchain into a decentralized command-and-control server.

Read more at Cointelegraph: DeadLock Malware Exploits Polygon Smart Contracts to Hide