Crypto security firm Venn Network uncovered and neutralized a major backdoor vulnerability that put over $10 million in onchain assets at risk across thousands of smart contracts.

Venn security researcher @deeberiroz shared details of the discovery on X, saying that it triggered a 36-hour rescue operation involving several security researchers and developers, including Pcaversaccio, Dedaub, and Seal 911, who worked together to secure or move vulnerable funds before the attacker could exploit them.

“The backdoor gave hackers full control, forwarding calls to the original contract while etherscan showed no issues,” said deeberiroz.

This story is an excerpt from the Unchained Daily newsletter.

“Worse, it was unremovable – attempts to fix it reset the malicious contract.”

The fund saving operation resulted in some protocols reconfiguring contracts, and upgrading them to safely withdraw funds. 

Researchers suspect the operation’s sophistication and scale may be linked to the North Korean Lazarus Group, who were likely yet to act on the vulnerability until they had a bigger pool of funds in sight.