ChainThink reports that the Ethereum Foundation recently released a summary report on the ETH Rangers security initiative, revealing that researchers identified approximately 100 suspected state-sponsored cyber actors during a six-month security funding program, including infiltrators from North Korea (DPRK), who had compromised multiple Web3 projects.
According to the official announcement, the investigation was advanced through projects such as the "Ketman Project." Researchers issued warnings to approximately 53 blockchain projects, where individuals infiltrated development teams under false identities, participated in fund transfers and technical roles, and some associated funds—amounting to hundreds of thousands of dollars—have been frozen.
This security funding program has collectively frozen or recovered over $5.8 million in funds, documented more than 785 vulnerabilities, and addressed 36 security incidents.
The security team has also integrated this intelligence into its threat analysis framework for the Lazarus Group and disclosed it at security conferences such as DEF CON, demonstrating that the current security threats to the Ethereum ecosystem have escalated from isolated vulnerability exploits to systemic risks involving state-sponsored actors.
The report indicates that North Korea-linked hackers have also infiltrated projects through methods such as "remote IT workers," employing various attack vectors including account takeovers, penetration of freelance platforms, and fund transfers, making them a key focus of industry defense efforts.
The Ethereum Foundation emphasizes that securing decentralized networks requires a "decentralized defense," and it will continue to support security research, threat intelligence, and talent development to address escalating state-sponsored cyber threats.