DeadLock ransomware hides using exploited Polygon smart contracts
Group-IB found a ransomware dubbed DeadLock that is exploiting Polygon smart contracts to rotate proxy addresses to evade takedowns.
A recently-discovered ransomware dubbed “DeadLock” is stealthily exploiting Polygon smart contracts to rotate and distribute proxy addresses, say researchers at cybersecurity firm Group-IB.
The company reported on Thursday that the DeadLock ransomware, first discovered in July, has seen “low exposure” as it isn’t tied to any known data leak site or affiliate programs and has a “limited number of reported victims.”
However, Group-IB warned that even though the ransomware is “low profile,” it uses “innovative methods” that could be dangerous to organizations that don’t take the malware seriously, “especially since the abuse of this specific blockchain for malicious purposes has not been widely reported.”
Source: Cointelegraph →Related News
- Feb 24, 2026
Ethereum Foundation starts staking ETH as client diversity concerns persist
- Feb 24, 2026
‘Bitcoin scarcity is dead’: Crypto executives push back on viral claim
- Feb 24, 2026
Solo Bitcoin miner bags over $200K block reward using rented hashrate
- Feb 24, 2026
Vitalik sells 17K ETH in one month after earmarking $45M for privacy
- Feb 24, 2026
Stablecoin stagnation, tariffs a headwind for Bitcoin prices, analysts say