BlockThreat - Week 37, 2025
SwissBorg, Kiln, NPM, Yala, ThorSwap, Evoq, Request, Shibarium, Kame, Degen
Greetings!
This week was a bloodbath. More than $57.5M was stolen across nine incidents: a breached custodial staking provider, hacked frontends, backdoored supply chains, phished individuals, a chain reorg, exploited bridges, and plenty of drained DeFi protocols. Every part of our ecosystem was hit in one of the worst weeks this year.
But one exploit in particular could have caused losses in the billions had the community not discovered it early. An NPM supply chain attack compromised several extremely popular packages (billions of downloads per week combined) and let attackers inject a backdoor designed to drain users’ wallets. Through sheer luck and plenty of onchain mockery, the attack was detected early enough and the community mobilized, leaving the attackers with under $1k in profit from what could easily have been a Safe/Bybit-scale exploit. The biggest takeaway is that they will be back, so please build proper package pinning and review into your dev pipelines.
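What "package pinning and review" can look like in practice, as an added example that is not code from BlockThreat or from any project linked in this issue: a small Node.js check that audits a package-lock.json before `npm ci` and refuses to proceed if any dependency lacks a sha512 integrity hash, resolves to a host outside the npm registry, or has drifted from the version a human last reviewed. The lockfile contents, the reviewed-version list and the function names (auditLockfile, lockfileIsClean, packageName, SAMPLE_LOCK, KNOWN_GOOD) are constructed for the example.

```javascript
// Added example, not code from BlockThreat or any linked project: audit a
// package-lock.json (lockfileVersion 2/3, flat "packages" map keyed by install
// path) so a swapped tarball or a freshly hijacked release is caught in CI.
// Names (auditLockfile, lockfileIsClean, packageName, SAMPLE_LOCK, KNOWN_GOOD,
// REGISTRY) are hypothetical.

const REGISTRY = "https://registry.npmjs.org/";

// Constructed sample lockfile, not real data. Three deliberate problems:
//  - "chalk" has no integrity hash, so a tarball swap would go unnoticed;
//  - "debug" resolves to a host outside the registry;
//  - "ms" is at 2.1.3 while the last reviewed version is 2.1.2.
const SAMPLE_LOCK = {
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { chalk: "^5.3.0", debug: "^4.3.4", ms: "^2.1.2" } },
    "node_modules/chalk": {
      version: "5.3.0",
      resolved: "https://registry.npmjs.org/chalk/-/chalk-5.3.0.tgz",
    },
    "node_modules/debug": {
      version: "4.3.4",
      resolved: "https://mirror.example/debug/-/debug-4.3.4.tgz",
      integrity: "sha512-constructedSampleHashForDebug==",
    },
    "node_modules/ms": {
      version: "2.1.3",
      resolved: "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
      integrity: "sha512-constructedSampleHashForMs==",
    },
  },
};

// Versions the team has actually reviewed (constructed). Any drift is flagged
// so a brand-new release, the attack window in a maintainer-account takeover,
// cannot enter through a lockfile update without a human look.
const KNOWN_GOOD = { chalk: "5.3.0", debug: "4.3.4", ms: "2.1.2" };

// Package name from a lockfile install path; handles nested and scoped
// packages ("node_modules/a/node_modules/@scope/b" -> "@scope/b").
function packageName(installPath) {
  const marker = "node_modules/";
  return installPath.slice(installPath.lastIndexOf(marker) + marker.length);
}

// Returns a list of {pkg, issue} findings; an empty list means the lockfile
// passed every check.
function auditLockfile(lock, knownGood = {}) {
  const findings = [];
  if (!lock || typeof lock.packages !== "object" || lock.lockfileVersion < 2) {
    findings.push({ pkg: "*", issue: "unsupported-lockfile" });
    return findings;
  }
  for (const [installPath, entry] of Object.entries(lock.packages)) {
    if (installPath === "") continue; // the root project itself
    if (entry.link) continue; // workspace symlink, no tarball to verify
    const pkg = packageName(installPath);
    if (typeof entry.integrity !== "string" || !entry.integrity.startsWith("sha512-")) {
      findings.push({ pkg, issue: "missing-sha512-integrity" });
    }
    if (typeof entry.resolved !== "string" || !entry.resolved.startsWith(REGISTRY)) {
      findings.push({ pkg, issue: "non-registry-source" });
    }
    if (pkg in knownGood && knownGood[pkg] !== entry.version) {
      findings.push({ pkg, issue: `version-drift ${knownGood[pkg]} -> ${entry.version}` });
    }
  }
  return findings;
}

// Gate for CI: true only when nothing was flagged.
function lockfileIsClean(lock, knownGood) {
  return auditLockfile(lock, knownGood).length === 0;
}

console.log(JSON.stringify(auditLockfile(SAMPLE_LOCK, KNOWN_GOOD), null, 2));
```

Run it against the real lockfile as a CI step before `npm ci` (which, unlike `npm install`, refuses to proceed when package.json and the lockfile disagree), and pair it with an .npmrc that sets `save-exact=true` so new dependencies are pinned rather than caret-ranged and `ignore-scripts=true` so install-time lifecycle scripts cannot execute code during the build.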
Speaking of near catastrophes, the massive $41.5M Kiln/SwissBorg compromise is a stark reminder of the risks of trusting a third-party managed treasury or staking provider. In general it is sensible to let professional teams manage assets; however, that does not absolve one of prudent monitoring and in-depth discussions about which security controls can be added to minimize risk. Since the incident, Kiln has initiated an exit of all of its Ethereum validators.
Another interesting exploit this week was the Yala LayerZero OFT bridge hijack, which took advantage of a temporary deployment that used a known “local key.” Attackers raced to point a recently deployed bridge on Solana at a malicious OFT contract on Polygon and started minting legitimate $YU tokens.
Last but not least, mass bridge compromises are back with the $3M Shibarium Bridge hack. One positive outcome was that a large portion of the attackers’ funds were blacklisted or locked. But how does one compromise 10(!) of 12 signer keys unless they are stored and managed in the same place, defeating the whole point of a multisig?
Amid all these stories of hacks, it’s worth highlighting the unsung heroes and the sponsor of this week’s edition, ChainPatrol. The good folks at ChainPatrol are doing simply amazing work protecting protocols’ brands, fighting the barrage of X phishing attacks, and quickly taking down scammers before they can do real damage.

Let’s dive into the news!
News
- The Great npm Heist That Wasn't by Rekt. A deep dive into a massive supply chain attack which luckily yielded almost no losses and plenty of mockery.
- DuckDB npm Account Compromised in Continuing Supply Chain Attack by Peter van der Zee and Sarah Gooding (Socket).
- Monero (XMR) experienced an 18-block reorg.
Crime
- Indian Call Center Scammers partner with Chinese Money Launderers by Gary Warner.
- California man sentenced to over four years for laundering $37 million in stolen crypto.
- US Treasury Sanctions 19 Southeast Asian Entities in $10B Cyber Scam Crackdown.
- After posting their goodbye note on BreachForums, Scattered Lapsus$ Hunters provided proof of access to FBI NICS (background check) and Google LERS (Law Enforcement Request System).
Policy
- US Government To Bring PATRIOT Act to Digital Assets.
- Burwick Law can now serve Pump Fun lawsuits via X. This came after Solana’s Anatoly Yakovenko apparently dodged nine attempts to serve him with the lawsuit targeting Pump Fun and those who enabled it.
Phishing
- THORSwap issues bounty offer tied to the more than $1M exploit of THORChain founder's wallet. As ZachXBT pointed out, it is ironic that DPRK is attacking the very organization it uses for laundering funds.
- Lazarus Group Attacks in 2025: Here’s Everything SOC Teams Need to Know by Any.Run.
- Someone lost ~$1.54M after signing EIP-7702 phishing batch transactions, as reported by Scam Sniffer.
- A report by Nick Bax on bad actors using Microsoft Teams in a fake meeting/podcast phishing campaign.
- You Didn't Get Phished — You Onboarded the Attacker.
Scams
- A Polymarket intern decided to make money on memecoins using the official Polymarket account.
- Aqua Scam Alert: "Rug Pull" is Becoming More Sophisticated.
- The problem in RWA Metrics by 0xngmi.
Malware
- Off Your Docker: Exposed APIs Are Targeted in New Malware Strain by Yonatan Gilvarg (Akamai). The latest iteration of cryptominer malware targeting exposed Docker APIs.
- AsyncRAT in Action: Fileless Malware Techniques and Analysis of a Remote Access Trojan by Sean Shirley (LevelBlue). A deep dive into a nasty crypto and credential stealer.
- New ModStealer malware hunts crypto wallets with fake recruiter ads, evades antivirus detection.
Media
- Web3 Security Podcast with Anto Joseph hosted by Jack Sanford (Sherlock).
- How North Korea pulled off the world's biggest robbery by 7 News Spotlight.
Research
- How to Survive Supply-Chain Attacks by Caue Obici (OtterSec).
- How Sui Move rethinks flash loan security by Nicolas Donboly (Trail of Bits).
- Safe StableSwap-NG Deployment: How to Avoid Risks from Volatile Oracles by Viktor Yurov, Dmitry Zakharov (MixBytes).
- Securing Cosmos Appchains: A Trust-Aligned Guide to ABCI, Determinism, and IBC Integrity by Paul (Cantina).
- Auditing Step By Step: Part 1 by phil.
- Incident Post-Mortem: Reth Mainnet State Root Mismatch.
- How to drain an entire lending protocol when a new asset is accepted as collateral by Kankodu.
- Network-level Censorship Attacks in the InterPlanetary File System.
- Insecurity Through Obscurity: Veiled Vulnerabilities in Closed-Source Contracts.
- XChainWatcher: Monitoring and Identifying Attacks in Cross-Chain Bridges.
- SEASONED: Semantic-Enhanced Self-Counterfactual Explainable Detection of Adversarial Exploiter Contracts.
- Permission denied - The story of an EIP that sinned.
- SoK: Root Cause of $1 Billion Loss in Smart Contract Real-World Attacks via a Systematic Literature Review of Vulnerabilities.
- A Secure Sequencer and Data Availability Committee for Rollups (Extended Version).
- I Know Who Clones Your Code: Interpretable Smart Contract Similarity Detection.
Tools
- safe-tx-hashes-util by pcaversaccio now supports transaction simulation when reviewing Safe multisig transactions.
- SuiSource MCP Server by Alexey Posikera. A Model Context Protocol (MCP) server that can be used to fetch information about Sui projects and their packages, as well as download a package's bytecode and decompile it using the Revela decompiler.
Hacks
Kiln, SwissBorg
Date: September 08, 2025
Attack Vector: API Key Theft
Impact: $41,500,000
Chain: Solana
References:
https://x.com/SolanaFloor/status/1965116689907089782
https://x.com/swissborg/status/1965123506477359471
https://x.com/CertiKAlert/status/1965122507687755803
https://x.com/shoucccc/status/1965126091334713838
https://swissborg.com/blog/joint-statement-kiln-x-swissborg-regarding-sol-incident
https://www.kiln.fi/post/kiln-responds-to-infrastructure-issue-with-validator-exit-funds-remain-protected
https://protos.com/swissborg-ceo-blames-41m-loss-on-staking-partner-kiln/
https://www.theblock.co/post/370141/kiln-exits-ethereum-validators
https://rekt.news/swissborg-rekt
Exploit:
NPM Phishing
Date: September 08, 2025
Attack Vector: Supply Chain Attack
Impact: $66
References:
https://x.com/SlowMist_Team/status/1965236512448282713
https://x.com/CertiKAlert/status/1965235082823958620
https://jdstaerk.substack.com/p/we-just-found-malicious-code-in-the
https://www.securityalliance.org/news/2025-09-npm-supply-chain
https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/
https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack
https://www.wiz.io/blog/widespread-npm-supply-chain-attack-breaking-down-impact-scope-across-debug-chalk
https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
https://slowmist.medium.com/threat-intelligence-analysis-of-the-large-scale-npm-package-poisoning-incident-7c806ab4e202
Exploit:
https://bsky.app/profile/did:plc:tcs6tvaixll4nz6bk5jqfxdu/post/3lydioq5swk2y?ref_src=embed
Evoq Finance
Date: September 09, 2025
Attack Vector: Key/Signer Compromise
Impact: $420,000
Chain: BSC
References:
https://x.com/Evoq_Finance/status/1965691948939014408
https://x.com/GoPlusSecurity/status/1965805930504974515
Exploit:
https://bscscan.com/tx/0x107911f665fd158d07532f8e44f56d1ad80e9b097fa19967f45b9d47c758ae62
Request Finance
Date: September 10, 2025
Attack Vector: Multisig Hijacking
Impact: $3,047,000
Chain: Ethereum
References:
https://x.com/realScamSniffer/status/1966389479016677873
https://x.com/RequestFinance/status/1966414484962160741
https://help.request.finance/en/articles/12275459-incident-report-september-10th-isolated-frontend-compromise-now-contained
https://drive.google.com/file/d/19UujuD3r8UDu6LWr4uB9eNvZc_T9SO_V/view
Exploit:
https://etherscan.io/tx/0xdca0ccb96c655448bbcf076c3961fa67577303e3b357d904c44bcd41dd909ecf
https://etherscan.io/tx/0xcfce03b649104c7c248d624bfc6676bcab8da97986bd6893f0fd2637f52e8b41
https://app.safe.global/home?safe=eth:0xe7c15d929cdf8c283258daebf04fb2d9e403d139
https://etherscan.io/tx/0x2ed88b7a179b32a129b85cdf94fe50c4d8acee78e9af3da69c12aea3dd29ca47
Degen Token
Date: September 11, 2025
Attack Vector: Key/Signer Compromise
Impact: $500,000
Chain: Base
References:
https://x.com/degentokenbase/status/1966420300205089035
Rescue:
https://x.com/pcaversaccio/status/1966441193941737632
https://basescan.org/tx/0x344237ab211385caa2db08a9bb20a012bf0c0c0c4c6919005dd28fb18d08625a
Exploit:
Shibarium, Shibarium Bridge
Date: September 12, 2025
Attack Vector: Key/Signer Compromise
Impact: $3,000,000
Chain: Shibarium, Polygon, Solana
References:
https://x.com/TikkalaResearch/status/1966610862149665126
https://x.com/0xZilayo/status/1966785029968724351
https://x.com/kaaldhairya/status/1966758608940515671
https://x.com/Shibizens/status/1966765953888198702
https://protos.com/on-chain-ransom-negotiations-show-shibaswap-hacker-wont-be-low-balled/
https://x.com/0xdefiturtle/status/1966590028621975845
https://rekt.news/shibarium-rekt
Attribution:
https://x.com/Whistleblowe007/status/1968481833672167587
Exploit:
https://etherscan.io/tx/0xe882a83afb92d6070b848ef025ae699ec043b7c2f31b21d2a08c94306f9b817e
https://etherscan.io/tx/0x6df7dcb5dac11355926abf2d9490af031619900de2e202dc780765222101007a
https://etherscan.io/tx/0x4f2be54f75769c02378467ab5627bdaebcbc50bebd50efb5174dd544c21d472a
https://www.shibariumscan.io/tx/0xa98f3d7ee4a6ac5663bb6f97449b561379f6c01af9bbc4363350149dd3f4b580
Kame
Date: September 13, 2025
Attack Vector: Arbitrary External Calls
Impact: $1,320,000 (Recovered $946,000)
Chain: Sei
References:
https://x.com/SuplabsYi/status/1966894700310524088
https://x.com/kame_agg/status/1966673964484489378
https://x.com/kame_agg/status/1966765239275581759
https://kameagg.substack.com/p/post-mortem-kame-aggregator-exploit
Exploit:
https://seiscan.io/tx/0x6150ec6b2b1b46d1bcba0cab9c3a77b5bca218fd1cdaad1ddc7a916e4ce792ec
https://github.com/SunWeb3Sec/DeFiHackLabs/blob/main/src/test/2025-09/Kame_exp.sol
Unkn_D9f4a3
Date: September 13, 2025
Attack Vector: Insufficient Function Access Control
Impact: $90,000
Chain: Base
References:
https://x.com/Phalcon_xyz/status/1967090244349841676
https://x.com/shoucccc/status/1966993289212817518
Yala
Date: September 14, 2025
Attack Vector: Misconfiguration
Impact: $7,640,000
References:
https://x.com/yalaorg/status/1967071910845649348
https://x.com/yalaorg/status/1968026376491110701
https://x.com/lookonchain/status/1967181490510520581
https://x.com/yalaorg/status/1967160350362542242
https://blog.yala.org/yala-post-mortem-september-14/