Yesterday’s $11 million hack of bitcoin (BTC) bridge Backyard was met with little sympathy from the crypto neighborhood, following allegations of its cashing in on the proceeds of different hacks.
Acknowledging the incident, the workforce insisted that the protocol itself wasn’t hacked. As an alternative, one among its “solvers” was compromised, with losses “limited to the solver’s own inventory.”
Nevertheless, on-chain proof factors to the solver being run by the Backyard workforce and blockchain investigators have accused the workforce of making an attempt to “downplay the incident” as a way to seem “decentralized.”
we’ve detected a compromise involving one among backyard’s solvers.
the app is briefly offline whereas we full a full investigation.
the influence is restricted to the solver’s personal stock — consumer funds and backyard protocol are usually not in danger.
we’ll share updates as quickly as we’ve got…
— Backyard 🌸 (@gardenfi) October 30, 2025
In accordance with Backyard’s docs, solvers act as market makers to facilitate bridging BTC and its wrapped varieties throughout chains. Considered one of these solvers probably suffered a personal key compromise.
The ensuing losses totalled round $11 million throughout Ethereum, BSC, and Solana.
Tanuki42, an investigator at zeroShadow, attributed the assault to “a DPRK-affiliated group known as DangerousPassword.” They recognized over $2 million of losses on Solana as originating from final month’s $41 million hack of Swissborg.
As to the id of the solver, which the workforce claims isn’t them, Tanuki42 and fellow blockchain investigator ZachXBT level to on-chain hyperlinks which recommend in any other case.
“Backtracing the initial gas funding,” Tanuki42 linked the compromised solver to REN and Keeper DAO addresses, which share workforce members with Backyard.
In the meantime, ZachXBT highlighted an on-chain message apparently despatched by the Backyard deployer which states “our systems have been compromised.”
The message urges the exploiter to return funds and maintain a ten% bounty.
Backyard dealing with Zach-lash
Commentators had been fast to label the incident “karma,” on condition that Backyard has been persistently criticized by the 2 investigators.
Two days previous to the hack, ZachXBT responded to Backyard’s founder celebrating a $2 billion quantity milestone that he “sincerely hope[s] a government puts your team in prison… after >25% funds bridged are stolen funds.”
In June, he additionally famous that Backyard’s founder ”conveniently neglected >80% of your charges got here from Chinese language launderers shifting Lazarus Group funds from the Bybit hack.”
He describes “watch[ing] in real time… as a single entity kept topping up cbBTC liquidity [for the] launderers.”
Tanuki42 can also be “sick to death of DeFi protocols flexing record volumes when the majority of their usage is coming from illicit activity.”
Referencing a latest Multilateral Sanctions Monitoring Staff report, they accuse initiatives who do nothing about such exercise of “indirectly enabling DPRK to purchase weapons which are being used by Russia to kill Ukrainians.”
