Cybersecurity specialists have successfully intercepted a sophisticated attack targeting thousands of decentralized finance protocols, potentially preventing the theft of over $10 million in digital assets. The vulnerability exploited uninitialized ERC-1967 proxy contracts, creating hidden backdoors that could have enabled complete contract takeover.
The Venn Network research team discovered the critical flaw on Tuesday, triggering an emergency response involving multiple security firms. Pseudonymous researcher Deeberiroz revealed the exploit allowed attackers to hijack contracts before proper configuration. "This represents one of the most sophisticated DeFi threats we've encountered," noted Or Dadosh of Venn Network.
The malicious actors employed a novel strategy of injecting harmful implementations during contract deployment. Security logs show the attackers maintained undetectable access for months, waiting to strike high-value targets. The operation's scale and complexity have led investigators to suspect involvement by the North Korean Lazarus Group.
Several major protocols, including Berachain, took immediate action upon notification, with Berachain pausing and migrating its incentive claim contract. "No user funds were compromised," the Berachain team confirmed, though the incident highlights growing risks in the $78 billion DeFi ecosystem.
The successful neutralization demonstrates the importance of collaborative security efforts in Web3. Researchers emphasize that contract initialization procedures require enhanced scrutiny, particularly for proxy implementations. As blockchain adoption grows, such coordinated responses will become increasingly critical to maintaining ecosystem trust.
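One way a team could apply that scrutiny to its own ERC-1967 proxies, as an added example that is not code from Venn Network or any affected protocol: the audit below checks the standard EIP-1967 implementation and admin slots and the `Upgraded` event history against an allowlist. The addresses, storage values and logs are constructed samples, and the function names are hypothetical.

```python
ZERO = "0x" + "00" * 20
# Standard EIP-1967 slots and event topic (constants from the EIP, not from the article).
IMPL_SLOT = "0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc"
ADMIN_SLOT = "0xb53127684a568b3173ae13b1f8a6016e243e63b6e8ee1178d6a717850b5d6103"
UPGRADED_TOPIC = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

def word_to_address(word):
    """Decode a 32-byte hex word (storage value or indexed topic) to an address."""
    h = word.lower()
    h = (h[2:] if h.startswith("0x") else h).zfill(64)
    if len(h) != 64 or h[:24] != "0" * 24:
        raise ValueError(f"not a left-padded address: {word}")
    return "0x" + h[24:]

def audit_proxy(storage, logs, expected_impls, expected_admin=None):
    """Return findings for one proxy. storage maps slot -> word as read with
    eth_getStorageAt; logs are eth_getLogs entries emitted by the proxy."""
    allowed = {a.lower() for a in expected_impls}
    findings = []
    impl = word_to_address(storage.get(IMPL_SLOT, "0x0"))
    if impl == ZERO:
        findings.append("implementation slot is empty: proxy has no implementation set")
    elif impl not in allowed:
        findings.append(f"current implementation {impl} is not an expected address")
    if expected_admin is not None:  # UUPS-style proxies leave the admin slot unused
        admin = word_to_address(storage.get(ADMIN_SLOT, "0x0"))
        if admin != expected_admin.lower():
            findings.append(f"admin slot holds {admin}, expected {expected_admin.lower()}")
    for log in logs:  # every historical upgrade must also point at a known address
        if log["topics"][0].lower() != UPGRADED_TOPIC:
            continue
        past = word_to_address(log["topics"][1])
        if past not in allowed:
            findings.append(f"block {int(log['blockNumber'], 16)}: upgraded to unexpected {past}")
    return findings

# Constructed sample data (not taken from the incident).
GOOD_IMPL, ROGUE_IMPL, ADMIN = ("0x" + b * 20 for b in ("11", "66", "aa"))

def pad(addr):
    return "0x" + addr[2:].rjust(64, "0")

SAMPLE_STORAGE = {IMPL_SLOT: pad(GOOD_IMPL), ADMIN_SLOT: pad(ADMIN)}
SAMPLE_LOGS = [
    {"topics": [UPGRADED_TOPIC, pad(ROGUE_IMPL)], "blockNumber": "0x10"},
    {"topics": [UPGRADED_TOPIC, pad(GOOD_IMPL)], "blockNumber": "0x2a"},
]

if __name__ == "__main__":
    print("\n".join(audit_proxy(SAMPLE_STORAGE, SAMPLE_LOGS, [GOOD_IMPL], ADMIN)))
```

In the sample, the current slot values look correct and only the event history reveals that an unexpected implementation was set first, which is why the audit checks both.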