Crypto security researchers have discovered and neutralized a critical threat affecting thousands of smart contracts, potentially preventing more than $10 million in crypto from being stolen.
On Thursday, Venn Network's pseudonymous researcher Deeberoz shared in a post on X that a backdoor exploit had silently threatened the ecosystem for months. The researcher said the exploit targeted uninitialized ERC-1967 proxy contracts, allowing attackers to hijack contracts before they had been properly set up.
Venn Network discovered the vulnerability on Tuesday, triggering a 36-hour rescue operation involving several developers, including security researchers pcaversaccio, Dedaub and SEAL 911, who worked together to assess the affected contracts and move or secure vulnerable funds.
Attackers injected malicious contract implementations
Or Dadosh, co-founder and president of Venn Network, told Cointelegraph that the attacker front-ran contract deployments and injected malicious implementations.
“In the simplest terms, the attacker has exploited certain deployments, which allowed them to put a well-hidden backdoor in thousands of contracts,” Dadosh told Cointelegraph, adding that the attacker could have taken control of vulnerable contracts at any time.
After the attack, the attacker had an undetected, irregular backdoor in place for months. Once the contract was initialized, the malicious activity was almost invisible.
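One way a team could audit its own ERC-1967 proxies for an implementation it never intended, shown as an added example that is not code from Venn Network or the original article. The snapshot layout, the `audit_proxy` helper and all addresses are assumptions constructed for illustration; the slot and event topic are the ERC-1967 constants.

```python
# ERC-1967 implementation slot: keccak256("eip1967.proxy.implementation") - 1.
# snapshot["impl_slot_value"] is what eth_getStorageAt(proxy, IMPL_SLOT) returns.
IMPL_SLOT = "0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc"
# topic0 of the ERC-1967 event Upgraded(address indexed implementation).
UPGRADED_TOPIC = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

def word_to_address(word):
    """Return the address held in the low 20 bytes of a 32-byte hex word."""
    digits = word.lower().replace("0x", "", 1).rjust(64, "0")
    if len(digits) != 64:
        raise ValueError("expected a 32-byte word")
    return "0x" + digits[-40:]

def audit_proxy(snapshot, expected_impls, trusted_senders):
    """Flag implementations or upgrade senders the team did not intend."""
    expected = {a.lower() for a in expected_impls}
    trusted = {a.lower() for a in trusted_senders}
    findings = []
    # Walk the full Upgraded history in chain order, not only the latest value.
    for log in sorted(snapshot["logs"], key=lambda l: (l["block"], l["log_index"])):
        if log["topics"][0].lower() != UPGRADED_TOPIC:
            continue
        impl = word_to_address(log["topics"][1])
        sender = log["tx_from"].lower()
        if impl not in expected:
            findings.append(("unexpected_impl_in_history", impl, log["block"]))
        if sender not in trusted:
            findings.append(("upgrade_by_untrusted_sender", sender, log["block"]))
    current = word_to_address(snapshot["impl_slot_value"])
    if current not in expected:
        findings.append(("unexpected_current_impl", current, None))
    return findings

# Constructed sample data (hypothetical addresses, not traces from the incident).
GOOD_IMPL, ROGUE_IMPL = "0x" + "11" * 20, "0x" + "ee" * 20
DEPLOYER, STRANGER = "0x" + "aa" * 20, "0x" + "bb" * 20

def upgraded(impl, sender, block):
    """Build a constructed Upgraded log in the assumed snapshot layout."""
    return {"topics": [UPGRADED_TOPIC, "0x" + "00" * 12 + impl[2:]],
            "tx_from": sender, "block": block, "log_index": 0}

SAMPLE = {
    "impl_slot_value": "0x" + "00" * 12 + GOOD_IMPL[2:],  # slot looks correct today
    "logs": [upgraded(GOOD_IMPL, DEPLOYER, 105),
             upgraded(ROGUE_IMPL, STRANGER, 100)],          # earlier foreign upgrade
}

if __name__ == "__main__":
    for finding in audit_proxy(SAMPLE, {GOOD_IMPL}, {DEPLOYER}):
        print(finding)
```

Checking the event history as well as the current slot matters because a slot that holds the expected address today says nothing about what was set earlier.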
Security researchers outpaced the attackers while keeping the vulnerability under wraps during the operation, which led to a successful rescue.
Deeberoz said several decentralized finance (DeFi) protocols had been able to secure the crypto at risk during the operation, acting before the attackers could siphon the assets.
“We have found tens of millions of dollars potentially at risk,” said Dadosh. “But even more frightening is that it could have continued to grow, and a larger part of the overall TVL (total value locked) owned by the protocols involved could have been threatened.”
Berachain pauses contract, Lazarus suspected
The affected protocols included Berachain, whose team responded by pausing the affected contract. On Thursday, the Berachain Foundation acknowledged the potential vulnerability, paused its incentive claim contract and transferred its funds to a new contract.
“No user funds are at risk or have been lost,” wrote the Berachain Foundation on X. “Incentives will be claimable again in the coming 24 hours, because Merkles for the distribution will be recreated.”
Venn Network’s security researcher David Benchimol suspects the infamous North Korean hacking group Lazarus was involved in the attack. Benchimol told Cointelegraph that “the attack vector was very sophisticated and deployed on every EVM chain.”
The researcher also noted that the attacker was waiting for a larger target before attacking, which makes it more likely that the attacker belongs to an organized group. Despite this, Benchimol told Cointelegraph that there was no confirmation that Lazarus was involved.