BlockThreat - Week 37, 2025

SwissBorg, Kiln, NPM, Yala, ThorSwap, Evoq, Request, Shibarium, Kame, Degen

Peter Kacherginsky

22 Sep 2025 • 6 min read

Greetings!

This week was a bloodbath. More than $57.5M was stolen across nine incidents with breached custodial staking providers, hacked frontends, backdoored supply chains, phished of individuals, chain reorged, bridges exploited, and plenty of DeFi protocol drained. All elements of our ecosystem were hit in one of the worst weeks this year.

But one exploit in particular could have caused losses in the billions were it not for an early discovery by the community. An NPM supply chain attack that compromised several extremely popular packages (billions of downloads per week) allowed attackers to inject a backdoor designed to drain users’ wallets. By sheer luck and plenty of onchain mockery the attack was detected early enough and community mobilized which left attackers with under $1k in profit from what could easily have been a Safe/Bybit-scale exploit. The biggest takeaway is that they will be back. So please implement proper package freezing and review into your dev pipelines.

Speaking of near catastrophes, the massive $41.5M Kiln/SwissBorg compromise is a stark reminder of the risks of trusting a third-party managed treasury or staking provider. In general, it’s sensible to let professional teams manage assets; however, it does not absolve one of prudent monitoring and in depth discussions about what security controls can be added to minimize risk. Since the incident, Kiln initiated an exit of all of its Ethereum validators.

Another interesting exploit this week was the Yala LayerZero OFT bridge hijack, which took advantage of a temporary deployment that used a known “local key.” Attackers raced to configure a recently deployed bridge on Solana to a malicious OFT contract on Polygon and started minting legitimate $YU tokens.

The last but not least, mass bridge compromises are back with the $3M Shibarium Bridge hack. One positive outcome was that a large portion of the attackers’ funds were blacklisted or locked out. However, how do you compromise 10(!) of 12 signer keys unless they’re stored and managed in the same place defeating the whole point?

Amid all these stories of hacks, it’s worth highlighting the unsung heroes and sponsors of this week’s edition - ChainPatrol. The good folks at ChainPatrol are doing simply amazing work protecting protocols’ brands, fighting the barrage of X phishing attacks, and quickly taking down scammers before they can do real damage.

Let’s dive into the news!

News

The Great npm Heist That Wasn't by Rekt. A deep dive into a massive supply chain attack which luckily yielded almost no losses and plenty of mockery.
DuckDB npm Account Compromised in Continuing Supply Chain Attack by Peter van der Zee Sarah Gooding (Socket).
XMR experienced an 18 block reorg.

Crime

Policy

US Government To Bring PATRIOT Act to Digital Assets.
Burwick Law can now serve Pump Fun lawsuits via X. This was in response to Solana’s Yakovenko apparently dodging 9 attempts of serving him with the lawsuit targeting Pump Fun and those who enabled it.

Phishing

THORSwap issues bounty offer tied to more than $1M exploit of THORChain founder's wallet. As was pointed out by ZachXBT, it is ironic that DPRK is attacking the very organization they are using for laundering funds.
Lazarus Group Attacks in 2025: Here’s Everything SOC Teams Need to Know by Any.Run.
Someone lost ~$1.54M due to signing EIP-7702 phishing batch transactions by Scam Sniffer.
A report by Nick Bax on bad actors using Microsoft Teams in a fake meeting/podcast phishing campaign.
You Didn't Get Phished — You Onboarded the Attacker.

Scams

Malware

Off Your Docker: Exposed APIs Are Targeted in New Malware Strain by Yonatan Gilvarg (Akamai). The latest iteration of the cryptominer malware.
AsyncRAT in Action: Fileless Malware Techniques and Analysis of a Remote Access Trojan by Sean Shirley (LevelBlue). A deep dive into a nasty crypto and credential stealer.
New ModStealer malware hunts crypto wallets with fake recruiter ads, evades antivirus detection.

Media

Web3 Security Podcast with Anto Joseph hosted by Jack Sanford (Sherlock).
How North Korea pulled off the world's biggest robbery by 7 News Spotlight.

Research

Tools

safe-tx-hashes-util by pcaversaccio now supports transaction simulation when reviewing Safe multisig transactions.
SuiSource MCP Server by Alexey Posikera. A Model Context Protocol (MCP) server that can be used to fetch information about Sui projects and its packages, as well as download a package bytecode and decompile it using the Revela decompiler.