Extropy Security Bytes: w27 2025

Welcome to our security roundup for week 27! This edition delves into recent events that highlight the dynamic and ever-evolving nature of security in the Web3 space. From significant breaches impacting well-known entities to emerging threats posed by advanced AI and subtle cloud vulnerabilities, these incidents offer crucial lessons for projects and users alike. Our aim is to provide a comprehensive and informative overview, underscoring the continuous efforts required to build a more resilient and secure decentralized ecosystem.

State-Backed Cyberattacks on the Rise in Crypto Space

The first half of 2025 saw a demonstrable increase in state-backed cyberattacks within the cryptocurrency space, significantly contributing to the overall rise in crypto heists. Crypto heists reached $2.1 billion across 75 separate incidents in H1 2025, marking a 10% increase from the previous H1 record in 2022 and nearly matching the total for the entire year of 2024. The average theft size in H1 2025 nearly doubled to $30 million.

North Korean State-Affiliated Hacking Groups:

These groups continue to be a dominant force, responsible for approximately $1.6 billion of the total stolen assets in H1 2025. A notable incident attributed to North Korea was a massive $1.5 billion exploit targeting Bybit in February 2025, accounting for nearly 70% of all crypto thefts in H1 2025. Their motivation for these thefts is to support state initiatives, including military and nuclear development, and to evade global sanctions. The FBI has issued warnings about scammers linked to these groups using fake employment offers and malicious software. Additionally, an estimated $45 million was stolen from Coinbase users in the first week of May 2025 through social engineering scams, a problem identified as unique among major crypto exchanges, with an estimated annual loss of $300 million for Coinbase users due to such phishing attacks. German law enforcement has also taken action against eXch, a preferred laundering hub for North Korean groups, seizing data expected to aid in unraveling criminal enterprises.

Geopolitically Motivated Attacks (Iran-Israel Conflict):

In June 2025, Iran’s largest crypto exchange, Nobitex, was reportedly targeted. The pro-Israel hacking group Gonjeshke Darande (Predatory Sparrow) claimed responsibility, stealing an estimated $90 million to $100 million. This attack was primarily politically motivated, with hackers sending stolen funds to inaccessible “vanity addresses” containing political messages, effectively burning the funds to send a statement. Gonjeshke Darande also claimed to have leaked portions of Nobitex’s source code and infrastructure, potentially putting remaining user funds at risk. This incident aligns with escalating tensions in the region.

Common Attack Vectors:

While smart contract exploits still occur, a significant portion of the stolen funds in H1 2025, over 80%, resulted from infrastructure-based breaches, including stolen private keys, compromised seed phrases, and manipulated front-end interfaces. These attacks often exploit trust gaps and internal vulnerabilities. The FBI has highlighted the use of social engineering scams, including fake employment offers and malicious software. AI-enabled fraud is also a growing concern.

Breaching Ethereum’s Privacy Using a Simple Cloud Vulnerability

Recent security research by 0d, the offensive cybersecurity research team at dWallet Labs, has uncovered critical vulnerabilities at the intersection of Web2 and Web3 technologies. Their findings demonstrate how a simple cloud misconfiguration can lead to significant privacy breaches and financial exploits on major blockchain networks like Ethereum.

The Cloud Vulnerability: Exposed Loki Servers:

The core of the vulnerability lies in misconfigured or publicly exposed Loki servers, typically used for log aggregation in cloud infrastructures. This research highlights that neglecting the security of other ecosystem components like cloud infrastructures, web applications, and API gateways can be destructive. Researchers identified exposed Loki servers by searching for specific responses or by following “breadcrumbs” from Promtail servers, which often expose Loki server addresses in their configurations without authentication. For blockchain-focused research, they specifically looked for Promtail servers also exposing Ethereum RPC ports, leading to the discovery of “All That Nodes” (ATN), a Web3 company supplying public and private nodes, whose Loki server was accessible.

Exploitation Details: API Keys and IP Address Exposure:

Once access was gained to the ATN Loki server logs, several critical pieces of information were exposed:

• Cleartext API Keys: Logs contained client API keys in cleartext, which could be used for unlimited API access or Denial-of-Service (DoS) attacks.
• Client IP Addresses: When API calls were made from the client side (e.g., a website accessing an ATN API server to extract a wallet balance), the client’s IP address was recorded in the logs.
• Linking IP Addresses to Wallet Addresses for Privacy Breach: This IP address exposure became particularly problematic when dApps used ATN’s API. For example, the official bridge to the ZetaChain network, app.eddy.finance, used ATN's API node. When a user connected their MetaMask wallet to this site, the site accessed the ATN API, recording the user's IP address. Crucially, when eddy.finance configured MetaMask for ZetaChain, it set the network's RPC URL to be the ATN API server, meaning every subsequent transaction made by the user on ZetaChain via MetaMask would also record their wallet address and IP address in ATN logs. Since MetaMask often uses the same wallet address across multiple networks, researchers could link Ethereum wallet addresses to real-world IP addresses based on the collected data, compromising user anonymity.
• Impact on Decentralized Exchanges (DEXs): New MEV Attack Vector: The exposed logs also enabled a new type of Maximum Extractable Value (MEV) attack, creating significant economic impact on large DEXs. Attackers could monitor Loki server for eth_call simulation requests (sent by dApps to show expected swap outputs). If a simulation indicated a large swap, the attacker could then front-run the user's actual swap transaction, profiting from the price movement. This exploit flow was confirmed on DEXs using ATN API nodes, including SushiSwap for certain tokens.

Key Takeaways and Mitigations:

This research underscores that traditional Web2 security issues, particularly cloud and DevOps misconfigurations, can have significant real-world consequences for blockchains, DEX users, and the broader Web3 ecosystem. Recommendations include: dApp builders prioritizing secure web infrastructure and regularly auditing configurations; Web3 users being cautious with unknown dApps and preferring wallets with malicious dApp protection; wallets being vigilant when configuring RPC nodes; developers practicing secure secret management (e.g., using vaults); recognizing that complexity can introduce vulnerabilities; and understanding that Web2 and Web3 security best practices are converging.

Virtuals Protocol: Agentic AI Platform Highlights AI Hacking Landscape

Virtuals Protocol has emerged as a significant platform in the rapidly developing field of agentic AI within the Web3 ecosystem, operating as a hub for the deployment and monetization of AI agents primarily built on Base. This innovation, however, also highlights critical vulnerabilities in the broader AI hacking landscape. The market for AI agent-related tokens has seen rapid expansion, exceeding a $16 billion valuation, with Virtuals Protocol being a key player.

Key Aspects of Virtuals Protocol:

Virtuals hosts both informational agents (gathering data for decision-making) and conversational agents (engaging dynamically with users). Its economic model uses the native $VIRTUAL token, which benefits from transaction fees. The platform’s modular architecture integrates agent behaviors with GPU-enabled Stateful AI Runner (SAR) modules and a persistent long-term memory system. Prominent agents like AIXBT, known for market sentiment analysis with an 83% accuracy rate, operate within this ecosystem.

The AI Hacking Ecosystem: Vulnerabilities and Threats:

The increasing presence of AI agents introduces new attack vectors and amplifies existing security challenges. The intersection of Web2 and Web3 technologies creates critical vulnerabilities where seemingly simple cloud misconfigurations can lead to significant breaches.

The PAT-tastrophe Hack (Virtuals Specific):

In January 2025, a security research team uncovered a critical vulnerability in Virtuals’ ecosystem, leading to a $10,000 bounty. The core issue was the exposure of sensitive API keys (for AWS and Pinecone) found in API responses related to a GitHub repository, highlighting that “Git history is forever.” These keys granted the ability to modify any AI agent’s “Character Card,” which serves as the core programming instructing the AI. An attacker could, for example, reprogram thousands of trusted AI agents, including those with substantial market influence like AIXBT, to promote a scam cryptocurrency, potentially leading to significant financial losses and impacting trust in the AI-driven crypto ecosystem. The exposed Pinecone API key could also allow an attacker to manipulate data used by agents for Retrieval Augmented Generation (RAG) processes, influencing their knowledge and decision-making.

Broader Concerns in AI Hacking:

• Social Engineering and Phishing: Hackers are increasingly focusing on social engineering attacks targeting individual users, with significant amounts stolen from major exchanges through such scams. These attacks often trick users into handing over private keys or installing malicious software, with warnings issued by law enforcement. Recent password breaches further facilitate these attacks.
• Maximum Extractable Value (MEV) Attacks: Vulnerabilities from exposed logs can enable new types of MEV attacks, causing significant economic impact on DEXs. By monitoring logs for simulation requests, attackers can front-run large user swaps and profit from price movements.
• Privacy Erosion through IP-Wallet Correlation: Misconfigured Loki servers can inadvertently leak client IP addresses and API keys. When dApps or wallets connect to API nodes, the user’s IP address is recorded, allowing researchers to link Ethereum wallet addresses to real-world IP addresses, compromising anonymity.
• AI Agent Vulnerabilities: AI agents can be susceptible to being “gaslit” into losing millions, indicating potential vulnerabilities in their logic or data inputs. The “black box problem” highlights the lack of visibility into how AI systems arrive at conclusions, raising concerns over authenticity and bias.
• Centralization Risks and Misaligned Systems: Experts warn that “without decentralisation, centralised, misaligned systems will drive us off a cliff, especially with AI,” highlighting that underlying infrastructure often retains centralized points of control or data despite the Web3 ethos.

Mitigating Risks:

To address these vulnerabilities, dApp builders are urged to prioritize secure web infrastructure services and regularly audit their configurations. Web3 users should be cautious when connecting wallets to unknown dApps. Wallets should be vigilant when configuring low-reputation RPC nodes. Secure secret management, such as using vaults instead of storing secrets in Git history, is crucial. The complexity of Web3 and AI integration necessitates robust security at every layer, acknowledging that traditional Web2 cybersecurity practices are just as critical in the decentralized space.

This comprehensive overview highlights the multifaceted and continuously evolving nature of security threats in the Web3 ecosystem. From state-backed operations and smart contract vulnerabilities to the nuanced risks introduced by AI and cloud misconfigurations, staying informed and adopting a proactive security posture remains crucial for all participants. As the ecosystem matures, the collective commitment to robust security measures will be key to fostering greater trust and enabling sustained innovation.

Since 2017, Extropy has been at the forefront of blockchain security, auditing smart contracts across Ethereum and Zero-Knowledge (ZK) protocols. We have collaborated with leading ecosystems, including Base, Starknet, and MINA, ensuring their smart contracts are resilient, efficient, and secure.

We specialize in DeFi, on-chain games, and ZK applications, leveraging formal verification, static analysis, and deep manual reviews to uncover vulnerabilities before they become exploits. Whether you’re working with Solidity, Rust, Cairo, or zkVMs, our collaborative approach ensures your project meets the highest security standards.

- Website: security.extropy.io

- Email: info@extropy.io

Get in touch today — let’s build safer smart contracts together!