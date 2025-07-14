Thousands of smart contracts with over $10 million in funds were discovered by Venn Network researcher Deebeez to have been compromised with a backdoor in a suspected attack by the North Korean hacking collective Lazarus Group, according to Cybernews.
Despite the months-long exposure of the smart contracts, most of the funds have been recovered following efforts after a 36-hour effort conducted alongside Dedaub and SEAL 911 team researchers, said Deebeez, who noted that threat actors' exploitation of uninitialized ERC1967Proxy contracts enabled not only malicious implementations but also the impersonation of Etherscan UI. "Some protocols reconfigured contracts, others upgraded to withdraw $100Ks safely. We secured major DeFi protocols and bridges before the hacker acted," Deebeez added. Further analysis by Artem Chystiakov revealed the attack to involve proxy contract injection as a nefarious implementation prior to the retrieval of the actual implementation.
