Threat Research

    DeadLock is a low-profile ransomware discovered in July 2025 that stands out for operating without known affiliates or a data leak site. Despite limited victim visibility, the group employs an unusual technique by abusing Polygon smart contracts to rotate or distribute proxy server addresses, enabling stealthy and decentralized infrastructure management....
    BlueNoroff (also known as APT38, Sapphire Sleet, and TA444) — a financially motivated North Korean threat group — continues its SnatchCrypto operation, targeting blockchain developers and Web3 executives. The group has evolved its tactics with new infiltration methods and malware families....
    UNC5142 is a financially motivated threat actor known for distributing infostealers such as ATOMIC, VIDAR, LUMMAC.V2, and RADTHIEF using a technique called EtherHiding, which involves storing malicious code within smart contracts on the BNB Smart Chain to evade traditional detection methods....