
Aeternum C2: The Botnet That Lives on the Polygon Blockchain
Qrator Research Lab has uncovered Aeternum — a native C++ botnet loader that uses the Polygon blockchain as its primary and only command-and-control channel. Unlike predecessors like Glupteba that used blockchain as a fallback, Aeternum makes the blockchain the sole C2 infrastructure. There are no servers to seize, no domains to sinkhole.

Why This Matters

- Cost to operate: ~$1 in MATIC tokens commands thousands of bots
- Command delivery: 2–3 minutes to reach all infected devices
- Active: October 2025 – present
- Price: $200 for panel access, $4,000 for full source code

How It Works

The infected machine calls a Polygon RPC endpoint using standard eth_call JSON-RPC. It invokes getDomain() (selector 0xb68d1809) on a deployed smart contract, which returns an AES-256-GCM encrypted command. The malware decrypts it locally and executes.

    // JSON-RPC pattern
    {
      "method": "eth_call",
      "params": [{
        "to": "0x4d70C3393C5d9EC325Edf8b3f289cFA9777e64B0",
        "data": "0xb68d1809"
      }, "latest"]
    }

Command Syntax

al
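A defender-side sketch of matching the eth_call pattern from "How It Works" in captured egress traffic; this is an added example, not code from the article or from Qrator. The record layout, hostnames and sample bodies are constructed, and ranking a selector-only match below a contract match is an assumption made here, since any contract can expose a function with the same selector.

```python
import json

# Indicators taken from the article above; compared case-insensitively.
SELECTOR = "0xb68d1809"  # getDomain()
CONTRACT = "0x4d70c3393c5d9ec325edf8b3f289cfa9777e64b0"
RANK = {None: 0, "selector": 1, "contract": 2, "contract+selector": 3}

def classify(body):
    """Return the strongest match label for one HTTP request body, or None."""
    try:
        doc = json.loads(body)
    except (ValueError, TypeError):
        return None  # not JSON, so not a JSON-RPC request
    best = None
    for call in doc if isinstance(doc, list) else [doc]:  # batch or single
        if not isinstance(call, dict) or call.get("method") != "eth_call":
            continue
        params = call.get("params")
        tx = params[0] if isinstance(params, list) and params else None
        if not isinstance(tx, dict):
            continue
        to = str(tx.get("to") or "").lower()
        # The call object may carry calldata as "data" or as "input".
        data = str(tx.get("data") or tx.get("input") or "").lower()
        parts = [p for p, hit in (("contract", to == CONTRACT),
                                  ("selector", data.startswith(SELECTOR))) if hit]
        label = "+".join(parts) or None
        if RANK[label] > RANK[best]:
            best = label
    return best

def scan(records):
    """Return (host, label) for every record whose body matches."""
    return [(r["host"], hit) for r in records if (hit := classify(r["body"]))]

# Constructed egress-proxy records (hostnames and bodies are made up for the demo).
SAMPLE = [
    {"host": "ws-014", "body": '{"jsonrpc":"2.0","id":1,"method":"eth_call","params":[{"to":"0x4d70C3393C5d9EC325Edf8b3f289cFA9777e64B0","data":"0xb68d1809"},"latest"]}'},
    {"host": "ws-022", "body": '[{"jsonrpc":"2.0","id":1,"method":"eth_blockNumber","params":[]},{"jsonrpc":"2.0","id":2,"method":"eth_call","params":[{"to":"0x0000000000000000000000000000000000000001","input":"0xB68D1809"},"latest"]}]'},
    {"host": "ws-031", "body": '{"jsonrpc":"2.0","id":7,"method":"eth_call","params":[{"to":"0x0000000000000000000000000000000000000001","data":"0x70a08231"},"latest"]}'},
    {"host": "ws-040", "body": "not json"},
]

if __name__ == "__main__":
    for host, label in scan(SAMPLE):
        print(host, label)
```

Matching on the request body requires visibility into the RPC traffic, for example at a TLS-inspecting proxy or on the endpoint itself.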




