Recent cybersecurity investigations led to the neutralization of a critical vulnerability that threatened numerous smart contracts and could have resulted in the theft of over $10 million in cryptocurrency.
Discovery of Vulnerability
On Thursday, Venn Network researcher Deeberiroz reported that a backdoor had gone unnoticed in the ecosystem for months. The vulnerability concerned uninitialized ERC-1967 proxy contracts: a proxy that is deployed but not initialized in the same transaction can be claimed by whoever calls its initializer first, allowing malicious actors to hijack contracts before their legitimate owners had set them up.
Intrusion of Malicious Actors
Or Dadosh, co-founder and president of Venn Network, noted that the attacker front-ran contract deployments and injected malicious implementations. According to Dadosh, 'in simple terms, the attacker exploited certain deployments which allowed them to hide a backdoor in thousands of contracts.' Because the injected implementation sat behind an otherwise ordinary proxy, the backdoor went unnoticed for months and any activity through it was hard to detect.
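The deployment pattern described above, shown as an added illustration that is not code from Venn Network, Berachain or any affected project: a minimal ERC-1967 proxy whose initialization is left for a second transaction and can therefore be front-run, beside the atomic form that closes the window. The contract and function names (Vault, Proxy, Deployer, initialize, upgradeTo) are assumptions made for this example; the implementation storage slot is the one defined by ERC-1967.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// ERC-1967 implementation slot:
// bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1)
bytes32 constant IMPLEMENTATION_SLOT =
    0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;

// Hypothetical logic contract. Whoever lands the first initialize() call on a
// proxy becomes its owner and can then point the proxy at any implementation.
contract Vault {
    address public owner;      // lives in the proxy's storage via delegatecall
    bool private initialized;

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        initialized = true;
        owner = _owner;
    }

    // UUPS-style upgrade: rewrites the ERC-1967 implementation slot. This is
    // the call an attacker who won the initialize() race uses to inject a
    // backdoored implementation.
    function upgradeTo(address newImpl) external {
        require(msg.sender == owner, "not owner");
        bytes32 slot = IMPLEMENTATION_SLOT;
        assembly { sstore(slot, newImpl) }
    }
}

// Minimal ERC-1967 proxy (hypothetical, modelled on the standard pattern).
contract Proxy {
    constructor(address impl, bytes memory data) {
        bytes32 slot = IMPLEMENTATION_SLOT;
        assembly { sstore(slot, impl) }
        // If initialization calldata is supplied, run it in this same
        // transaction, so the proxy never exists in an uninitialized state.
        if (data.length > 0) {
            (bool ok, ) = impl.delegatecall(data);
            require(ok, "init failed");
        }
    }

    fallback() external payable {
        bytes32 slot = IMPLEMENTATION_SLOT;
        assembly {
            let impl := sload(slot)
            calldatacopy(0, 0, calldatasize())
            let ok := delegatecall(gas(), impl, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            switch ok
            case 0 { revert(0, returndatasize()) }
            default { return(0, returndatasize()) }
        }
    }

    receive() external payable {}
}

contract Deployer {
    // VULNERABLE: the proxy is created with empty calldata, so initialize()
    // must be sent as a separate, later transaction. Between the two, anyone
    // watching the mempool can call initialize(attacker) first, become owner,
    // and upgradeTo() a malicious implementation before the real owner arrives.
    function deployTwoStep(address impl) external returns (address proxy) {
        proxy = address(new Proxy(impl, ""));
        // Second transaction, sent separately and therefore front-runnable:
        //   Vault(proxy).initialize(msg.sender);
    }

    // HARDENED: deployment and initialization happen in one transaction, so
    // the initialize() race cannot exist. The implementation slot is set and
    // the owner recorded before any other address can interact with the proxy.
    function deployAtomic(address impl) external returns (address proxy) {
        bytes memory init = abi.encodeCall(Vault.initialize, (msg.sender));
        proxy = address(new Proxy(impl, init));
    }
}
```

To audit a proxy that is already deployed, read its implementation slot (eth_getStorageAt at IMPLEMENTATION_SLOT) and its owner, and compare both with what the deployment transaction intended; an initialize() call whose sender is not the deployer, or an implementation address that was later swapped by an unexpected upgradeTo(), is the signature of this kind of hijack.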
Contract Response and Pause
The Berachain team responded to the situation by pausing the affected contract. The Berachain Foundation acknowledged the potential vulnerability and transferred funds to a new contract. Venn Network researcher David Benchimol suspects that the notorious North Korean hacking group Lazarus could be involved in the attack, though there is no confirmation of this.
The effort to uncover and neutralize the vulnerability highlights the importance of collaboration among security researchers in preventing significant losses in the crypto ecosystem and protecting user assets.