BlockThreat - Week 27, 2026

$1.2M stolen across 3 incidents. A peaceful week with new intel on DPRK backdoors, social engineering tactics, and security research.

BlockThreat - Week 27, 2026

A highly unusual break from the recent run of 13+ exploit weeks. Either the bots have finally found every vulnerable project, the major LLMs have finally disable any security related work, or everyone is taking a much-needed break to watch the World Cup. Whatever the reason, I will gladly take even one week without projects getting rekt and DeFi users losing their life savings.

What this week lacked in live hacks, however, it more than made up for with a fascinating post-mortem that deserves a closer look.

On June 1, Artificial Financial Intelligence (AFI) sent up a warning flare after one of its vaults was exploited for approximately $480,000. The root cause was later identified as compromised private keys. As is often the case with key-related incidents, there was little onchain evidence showing how the attacker obtained them in the first place. Until now.

Last week, AFI released a detailed post-mortem revealing the exact tactic used by the attacker:

the attack appears to have involved an orchestrated social engineering campaign targeting members of our protocol team. The attacker, posing as an independent security researcher, submitted a vulnerability report accompanied by a trojanised Foundry proof-of-concept test suite.

The attack unfolded in several stages. The attacker first submitted a plausible vulnerability report to establish credibility, then followed up with a Foundry repository containing the backdoor.

The delivery mechanism took advantage of the Foundry's ffi = true setting, which allows Foundry tests to execute arbitrary external commands. A standard OpenZeppelin ERC-20 contract had been modified to include a vm.ffi call in its constructor. That call executed a remote shell script named erc20.sh, which installed the backdoor.

If this attack vector sounds familiar, it should. It closely mirrors the tactic used by the DPRK operative operating as “Nick L. Franklin” who was eventually caught sending a backdoored bug report to 1inch.

It is unclear whether this incident marks the return of the same threat actor or the work of a copycat. Either way, it offers two lessons the community clearly needs to hear again:

  • Treat all externally submitted code repos, documents, links as radioactive waste. Isolate them and inspect them only inside a hardened, disposable environment.
  • Do not store production keys on your daily machine or I will send Patrick Collins over with a chainsaw to personally chop that computer into pieces.

Now that we have that out of the way, let’s enjoy the peaceful week with more DPRK tradecraft involving backdoored Git repos, my selection of security talks from ETHConf 2026, the latest podcasts from Oak Security and ChainPatrol, and several excellent vulnerability writeups, including a stellar Aptos vulnerability analysis from the ninjas at Hexens.

The paid section below also includes a curated selection of the best new research on bug hunting techniques, AI-powered DeFi security, and much more.

Let’s dive into the news!