Interchain Labs: North Korean-linked attackers were inadvertently introduced, no security issues found and the bounty doubled

ChainCatcher news, according to The Block, Interchain Labs has confirmed that between 2022 and 2024, an individual later identified as being linked to North Korea contributed to the Cosmos codebase while employed by a former maintainer.

The individual had limited access to the cosmos/IAVL and cosmos/cosmos-sdk codebases, and most of their contributed code has been deprecated or excluded from the roadmap, with independent audits finding no security vulnerabilities. To support transparency, ICL will offer a month of double bounties on the Cosmos HackerOne page for discovering vulnerabilities related to this participant's GitHub account.

After ICL took over core stack development, new security protocols were implemented to prevent further contributions, and the individual was denied reapplication for a position. ICL has conducted security upgrades on all Cosmos core codebases and will deprecate the related codebases in the future. This incident highlights the need for stringent security protocols in the Web3 and broader technology sectors.