On July 9, security researchers at VennBuild and other firms disclosed a “critical backdoor” affecting thousands of smart contracts, which one of the researchers said left “over $10,000,000 at risk for months”. The researchers suggested that the backdoor was likely created by Lazarus, a North Korean state-sponsored hacking group.According to the researchers, they found thousands of contracts affected by the exploit, and worked with multiple protocols to upgrade contracts or withdraw vulnerable funds. The researchers theorized that the attackers were “likely a sophisticated group waiting for a bigger target, not small wins.”