A report has caught my attention recently. According to the ETH Rangers Security Project report published by the Ethereum Foundation, during a six-month research period, investigators uncovered a truly alarming situation: approximately 100 state-backed cyber operators were identified. Among them are covert hacker groups from North Korea, and they are actively operating within Web3 projects.

The report’s details are even more interesting. By tracking entities such as the Lazarus Group and the Ketman Project, the researchers observed how these actors operate. They also presented their findings at international security conferences such as DEF CON. In short, these hacker groups infiltrate development teams using fake identities, gain access to financial flows, and move into technical positions. Some carry out their work under the guise of “remote IT workers.”

The results are serious. The Ethereum Foundation and its partners have frozen or recovered funds exceeding $5.8 million. More than 785 security vulnerabilities were reported, and 36 security incidents were resolved. Approximately 53 blockchain projects were warned about these threats. These figures show that the Web3 ecosystem is facing not only open-source attacks, but also systemic, state-level threats.

For me, the most important takeaway is this: the Ethereum Foundation and the community have understood that this requires “decentralized defense.” Security of a single point is not enough; the entire network’s security awareness must be raised. Threat intelligence and research efforts must continue. The crypto industry should be prepared to handle this kind of national-level cyber threat.