DeadLock Ransomware: Smart Contracts for Malicious Purposes


DeadLock is a ransomware family discovered in July 2025. It is notable for not being associated with any known affiliate programs and for lacking a Data Leak Site (DLS). This, combined with the limited number of reported victims, has resulted in low exposure for the group. However, Group-IB specialists have discovered an interesting use of Polygon smart contracts for proxy server address rotation or distribution.

This finding warrants public attention, especially since the abuse of this specific blockchain for malicious purposes has not been widely reported. In addition, the recent discovery of similar techniques show that the abuse of smart contracts for malicious purposes could become an emerging trend.

Read more…
Source: Group IB


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • CISA Releases Six Industrial Control Systems Advisories

    February 2, 2023

    CISA released six Industrial Control Systems (ICS) advisories on February 2, 2023.These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-033-01 Delta Electronics DIAScreen ICSA-23-033-02 Mitsubishi Electric GOT2000 Series and GT SoftGOT2000 ICSA-23-033-03 Baicells Nova Read more… Source: U.S. ...

  • North Korean hackers stole research data in two-month-long breach

    February 2, 2023

    A new cyber espionage campaign dubbed ‘No Pineapple!’ has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign lasted between August and November 2022, targeting organizations in medical research, healthcare, chemical engineering, energy, defense, and a leading ...

  • What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits

    February 2, 2023

    In September 2022, Trend Micro researchers observed a new potential BEC campaign that was targeting large companies around the world which we believe has been running since April 2022. By carefully selecting their target victims and leveraging open-source tools, the group behind this campaign stayed under the radar for quite some time. This attack leveraged an ...

  • ION Markets suffers cyber attack on derivatives platform

    February 1, 2023

    ION Markets was hit with a cyber attack last night that impacted some of its derivatives services and resulted in concerns around trade processing for its clients. The news first came to light with a Twitter post from user PriapusIQ at 10.24pm last night claiming “trade processing carnage” following a cyber attack Read more… Source: The Trade Related story: ...

  • University of Iowa Hospitals website possibly hit by cyberattack

    February 1, 2023

    A Russian hacking group has claimed to have taken down the University of Iowa Hospitals and Clinics website, along with the websites of dozens of other hospitals nationwide. UIHC has acknowledged its website is down Tuesday afternoon and its IT staff is investigating the cause but could not confirm whether it was the result of a ...

  • New Sh1mmer ChromeBook exploit unenrolls managed devices

    January 31, 2023

    A new exploit called ‘Sh1mmer’ allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions. When Chromebooks are enrolled with a school or an enterprise, they are managed by policies established by the organization’s administrators. This allows admins to force-install browser extensions, apps, and to restrict how ...