SleepyDuck Malware

Analysis and details of the SleepyDuck malware, which utilizes Ethereum blockchain for C2 resilience.

SleepyDuck Malware Redefines C2 Resilience with Ethereum Blockchain

Nov 3, 2025

—

by

Lara De Jong

in Cyber News & Updates

A dangerous new remote access trojan (RAT), dubbed SleepyDuck, is leveraging an Ethereum blockchain contract to maintain an incredibly resilient command and control (C2) infrastructure. This isn’t just another piece of malware; it’s a sophisticated threat that can update its C2 server address on the fly, making it notoriously difficult to shut down. This innovative,…