Researchers expose a multi-million dollar backdoor in the DeFi sector, affecting thousands of smart contracts.

14 hours ago

Cryptocurrency security researchers have discovered and successfully mitigated a significant threat affecting thousands of smart contracts, effectively preventing over $10 million in crypto assets from being stolen.

On Thursday, Venn Network anonymous researcher Deeberiroz posted on the X platform that a backdoor had been lurking in the ecosystem for months, unnoticed by the outside world. The researcher stated that the vulnerability targeted uninitialized ERC-1967 proxy contracts, allowing attackers to hijack control before the contract was fully set up.
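The defensive pattern the finding points to, shown here as an added illustration that is not code from the article, from Venn Network or from any affected project: an ERC-1967-style proxy that runs its initializer inside the deployment transaction, so there is never a deployed-but-uninitialized window in which someone other than the deployer could claim ownership. The contract names Vault and VaultProxy are made up for the example; the storage slot constant is the standard ERC-1967 implementation slot.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Logic contract (hypothetical). Its initializer can only run once per
// storage context, and the implementation's own storage is locked in the
// constructor so the logic contract can never be initialized directly.
contract Vault {
    address public owner;
    bool private _initialized;

    constructor() {
        _initialized = true; // lock the implementation itself
    }

    function initialize(address owner_) external {
        require(!_initialized, "already initialized");
        _initialized = true;
        owner = owner_;
    }
}

// Proxy (hypothetical) that sets the ERC-1967 implementation slot and
// delegates the initializer call in the same transaction as deployment.
// Deploy with: new VaultProxy(address(vault),
//                             abi.encodeCall(Vault.initialize, (msg.sender)))
contract VaultProxy {
    // bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1)
    bytes32 internal constant IMPLEMENTATION_SLOT =
        0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;

    constructor(address implementation, bytes memory initData) {
        require(implementation.code.length > 0, "implementation has no code");
        assembly { sstore(IMPLEMENTATION_SLOT, implementation) }
        // Atomic initialization: if this call fails the whole deployment
        // reverts, so an uninitialized proxy is never left on chain.
        (bool ok, ) = implementation.delegatecall(initData);
        require(ok, "initialization failed");
    }

    fallback() external payable {
        assembly {
            let impl := sload(IMPLEMENTATION_SLOT)
            calldatacopy(0, 0, calldatasize())
            let result := delegatecall(gas(), impl, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            switch result
            case 0 { revert(0, returndatasize()) }
            default { return(0, returndatasize()) }
        }
    }
}
```

A deployment that instead creates the proxy in one transaction and calls initialize() in a later one leaves exactly the gap the researchers describe; reviewing deployment scripts for that two-step pattern is the corresponding check.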

After discovering the vulnerability on Tuesday, Venn Network immediately launched a 36-hour emergency rescue operation, involving multiple developers and security researchers (including Pcaversaccio, Dedaub, and Seal 911) to assess the affected contracts and transfer or protect at-risk funds.

Or Dadosh, co-founder and president of Venn Network, told Cointelegraph in an interview that attackers initiated the attack by pre-deploying contracts and injecting malicious code.

Dadosh explained to Cointelegraph, "In simple terms, attackers exploited certain deployment methods to quietly implant hidden backdoors in thousands of contracts." He added that attackers could take over these vulnerable contracts at any time.

Once implanted, the backdoor gave the attackers undetected and unremovable access for months. After the contract was initialized, the malicious activity was nearly impossible to trace.

Security researchers successfully implemented the rescue ahead of the attackers by keeping the vulnerability confidential during the operation, ultimately averting the crisis.

Deeberiroz noted that multiple decentralized finance (DeFi) protocols acted promptly to protect at-risk crypto assets during the operation, taking measures before the attackers could transfer funds.

Dadosh stated, "We found that tens of millions of dollars in funds could be at risk. But more concerning is that if not contained in time, this vulnerability could continue to spread, threatening a larger proportion of the total value locked (TVL) controlled by the protocols."

Affected protocols include Berachain, whose team has urgently suspended related contracts. On Thursday, the Berachain Foundation confirmed the existence of a potential vulnerability and suspended incentive distribution contracts, transferring funds to new contracts.

The Berachain Foundation posted on the X platform, stating, "User funds are not at risk, and there have been no losses. Incentives will resume distribution within 24 hours, and the Merkle tree used for distribution will be regenerated."

Venn Network security researcher David Benchimol suspects that the notorious North Korean hacker group Lazarus may be involved in this attack. Benchimol told Cointelegraph in an interview, "The attack method is extremely sophisticated and has been deployed across all EVM chains."

The researcher also pointed out that the attackers have been waiting for larger targets to emerge, further indicating that there may be an organized group behind it. Nevertheless, Benchimol told Cointelegraph that there is currently no evidence to confirm Lazarus's direct involvement.


Original article: “Researchers Expose Multi-Million Dollar Backdoor in DeFi Space, Thousands of Smart Contracts Affected”
