Simply one other day in DeFi: A hack, a rug-pull, and $10M saved
The decentralized finance (DeFi) sector is a monetary frontier zone, house to a few of crypto’s most risk-on experiments.
Consequently, few days go by with out a dose of DeFi drama. Nevertheless it’s not all unhealthy information…
Backdoor vulnerability left $10M in danger
Safety researchers at VennBuild introduced the invention of a “critical backdoor” vulnerability, wherein suspected North Korean hackers had laid a entice affecting “thousands of smart contracts, leaving over $10,000,000 at risk for months.”
We @VennBuild simply found a essential backdoor on 1000’s of sensible contracts leaving over $10,000,000 in danger for monthsAlong with the assistance of safety researchers @dedaub @pcaversaccio, the seals staff @seal_911 and others, we managed to rescue nearly all of funds…
— deebeez (@deeberiroz) July 9, 2025
Learn extra: Whitehat hacker rescues $1.5M from first DeFi hack of 2025
Uncovered together with different researchers from Dedaub and the DeFi Safety Alliance (SEAL), the plot concerned front-running the initialization of proxy contracts to malicious variations, while masking their tracks through spoofed logs.
A VennBuild researcher, going by the X deal with “deebeez,” defined: “The backdoor gave hackers full control, forwarding calls to the original contract while [block explorer] Etherscan showed no issues.”
They believe the traps have been set by “a sophisticated group waiting for a bigger target, not small wins,” and as such hadn’t but been exploited.
“We stayed stealthy to avoid tipping them off. A high-stakes game.”
Hacker supplied 10% bounty in the event that they return Texture’s USDC
Worse luck got here for Solana-based lending platform Texture, which introduced a hack of $2.2 million from its USDC Vault contract final evening.
We now have found a safety breach of the Texture Vaults contract, consumer funds within the quantity of USDC 2.2m have been compromised, the breach appears to be restricted to the USDC vault. Our staff has recognized the vulnerability and is working to deploy a repair. We’re establishing a conflict…
— Texture (@texture_fi) July 9, 2025
Learn extra: Circle dragged for dragging toes as DeFi protocol GMX hacked
The staff took to X to supply the perpetrator a ten% bounty in the event that they returned the remaining funds. Taking a hardball method to the negotiations, they are saying the hacker “made an opsec mistake, but it’s not too late to avoid escalating the situation.”
The unhealthy cop routine seems to have spooked the thief, who has now returned 90% of the funds, in keeping with the Texture staff.
Earlier the identical day, a $42 million hack hit decentralized perps alternate GMX on the Arbitrum community.
The results weren’t restricted to GMX itself, nevertheless. Lending platform Abracadabra suffered “collateral” injury of $9 million in a market utilizing GMX’s (exploited) GLP token as collateral.
Many GMX v1 forks have been additionally feared to be susceptible to an analogous assault.
Kinto accused of rug-pull
Screenshots of purple candles aren’t unusual on any crypto fanatic’s timeline, however the latest value motion of Kinto’s Okay token was extra eye-catching than most.
chat what can we name this sample? that is kinto btw pic.twitter.com/XiFrMRsNWn
— OxTøchi 
(@OxTochi) July 10, 2025
Learn extra: DWF Labs-backed USDf depegs as purple flags raised over high quality of backing
Whereas many have been fast to accuse the staff of a rug-pull, insiders promoting giant portions of tokens and crashing the worth, it seems there’s extra to the story.
Granted, Kinto’s preliminary response was suspiciously imprecise and solely served to fire up suspicion. One X consumer replied merely, “This doesn’t even address the issue,” whereas others accused the staff of rugging by promoting “their bags.”
Nonetheless, a later replace described an eerily related state of affairs to the proxy backdoor entice uncovered by VennBuild and others.
Kinto co-founder Ramon Recuero says a “state actor… upgraded the implementation of the K token on Arbitrum and used it to mint fake K tokens that they dumped immediately,” including that “Arbiscan didn’t detect the bogus proxy implementation.”
It seems like, in DeFi, chaos isn’t the exception however the rule.
Received a tip? Ship us an e mail securely through Protos Leaks. For extra knowledgeable information, observe us on X, Bluesky, and Google Information, or subscribe to our YouTube channel.
The put up Simply one other day in DeFi: A hack, a rug-pull, and $10M saved appeared first on Protos.
