Yesterday’s $11 million hack of bitcoin (BTC) bridge Backyard was met with little sympathy from the crypto neighborhood, following allegations of its taking advantage of the proceeds of different hacks.
Acknowledging the incident, the staff insisted that the protocol itself wasn’t hacked. As a substitute, certainly one of its “solvers” was compromised, with losses “limited to the solver’s own inventory.”
Nevertheless, on-chain proof factors to the solver being run by the Backyard staff and blockchain investigators have accused the staff of trying to “downplay the incident” to be able to seem “decentralized.”
we’ve detected a compromise involving certainly one of backyard’s solvers.
the app is briefly offline whereas we full a full investigation.
the affect is proscribed to the solver’s personal stock — person funds and backyard protocol usually are not in danger.
we’ll share updates as quickly as we now have…
— Backyard 🌸 (@gardenfi) October 30, 2025
In line with Backyard’s docs, solvers act as market makers to facilitate bridging BTC and its wrapped varieties throughout chains. Certainly one of these solvers possible suffered a non-public key compromise.
The ensuing losses totalled round $11 million throughout Ethereum, BSC, and Solana.
Tanuki42, an investigator at zeroShadow, attributed the assault to “a DPRK-affiliated group known as DangerousPassword.” They recognized over $2 million of losses on Solana as originating from final month’s $41 million hack of Swissborg.
As to the identification of the solver, which the staff claims isn’t them, Tanuki42 and fellow blockchain investigator ZachXBT level to on-chain hyperlinks which counsel in any other case.
“Backtracing the initial gas funding,” Tanuki42 linked the compromised solver to REN and Keeper DAO addresses, which share staff members with Backyard.
In the meantime, ZachXBT highlighted an on-chain message apparently despatched by the Backyard deployer which states “our systems have been compromised.”
The message urges the exploiter to return funds and maintain a ten% bounty.
Backyard going through Zach-lash
Commentators had been fast to label the incident “karma,” provided that Backyard has been persistently criticized by the 2 investigators.
Two days previous to the hack, ZachXBT responded to Backyard’s founder celebrating a $2 billion quantity milestone that he “sincerely hope[s] a government puts your team in prison… after >25% funds bridged are stolen funds.”
In June, he additionally famous that Backyard’s founder ”conveniently omitted >80% of your charges got here from Chinese language launderers shifting Lazarus Group funds from the Bybit hack.”
He describes “watch[ing] in real time… as a single entity kept topping up cbBTC liquidity [for the] launderers.”
Tanuki42 can be “sick to death of DeFi protocols flexing record volumes when the majority of their usage is coming from illicit activity.”
Referencing a latest Multilateral Sanctions Monitoring Staff report, they accuse initiatives who do nothing about such exercise of “indirectly enabling DPRK to purchase weapons which are being used by Russia to kill Ukrainians.”
