Void Botnet Leverages Ethereum Smart Contracts for Resilient Command-and-Control Network

A new threat has emerged in the form of the Void Botnet, a decentralized malware that utilizes Ethereum smart contracts to maintain its command-and-control network.

The botnet's infrastructure is highly resilient and difficult for authorities to dismantle due to the absence of a centralized server or domain. This makes it challenging to take down the botnet using traditional methods.

Researchers have discovered that Void Botnet offers operators a flexible, dual-mode system. In primary mode, encrypted commands are routed entirely through Ethereum smart contracts. Infected machines poll public RPC endpoints every three to five minutes to retrieve new tasks.

The operator's panel provides comprehensive post-compromise tools, including the ability to track the location, operating system, and antivirus status of each infected machine. Operators can deploy payloads as executables or DLLs and filter targets by geographic region.