Malicious Contracts

Explore the potential of smart contracts as anonymous rootkit command and control infrastructure in this 29-minute conference talk from Hack In The Box Security Conference. Delve into the immutable and anonymous nature of smart contracts on public blockchains, and discover how these qualities can be exploited to create untraceable malicious infrastructure. Learn about the creation of a smart contract with rootkit functionality, capable of remotely controlling various devices including mobile phones, IoT devices, servers, and PCs. Witness a live demonstration of a smart contract-powered rootkit and understand the implications for botnet control and targeted attacks. Gain insights into the challenges of attribution and the potential scale of such attacks, presented by Christian Papathansiou, an experienced cybersecurity professional and blockchain expert.