Three days at ETHDenver with 20+ practitioner-led sessions, sharing what actually works (and calling out what doesn't). If you were there, you know. If you weren’t, this post is the next best thing.
Below are highlights from select presentations given by speakers from across the community. They represent a small slice of the full program, but it’s a good place to start. We hope you will join us next year!
The CPIMP Backdoor: Anatomy of a Multi-Chain Proxy Attack
If a proxy's implementation is not initialized atomically with deployment, an attacker can front-run the init() call and set their own implementation. CPIMP is what happens after they do.
Rather than simply taking over the proxy, the attacker inserts a clandestine intermediary layer. This layer routes all legitimate calls through to the intended implementation, so the protocol appears to function normally. After each call, a postDelegateReset() function silently restores the clandestine proxy in the implementation slot if anything has changed. Upgrade attempts emit the expected events. Etherscan shows the legitimate implementation. Everything looks correct. The trick is that the attacker inserts the real implementation address into a storage slot from an older proxy standard, which Etherscan reads and displays while actual routing continues through the attacker-controlled layer. Some variants included nested CPIMPs and anti-recovery checks blocking transfers above 90% of balance.
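As an added illustration (this is not code from the talk or from the Dedaub postmortem), here is a defender-side check that does what the explorer view could not: it reads the slot the proxy actually delegates through, compares it against every other slot tooling might display, and checks the bytecode at the routing target against the audited build. Proxy storage and code are modelled as dicts; the addresses and bytecode are constructed, sha256 stands in for keccak256, and the legacy display slot is a placeholder constant to be replaced with the one your tooling reads.

```python
import hashlib

# EIP-1967 implementation slot: keccak256("eip1967.proxy.implementation") - 1.
# This is the slot a standard transparent/UUPS proxy delegatecalls through.
EIP1967_IMPL_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
# A second slot that explorers also read for older proxy layouts. Constructed placeholder:
# substitute the real legacy slot constant for the proxy standard your tooling supports.
LEGACY_IMPL_SLOT = 0x1111111111111111111111111111111111111111111111111111111111111111


def code_hash(bytecode: bytes) -> str:
    """sha256 stands in for keccak256 so the example needs only the standard library."""
    return hashlib.sha256(bytecode).hexdigest()


def audit_proxy(storage, code, expected_impl_hash,
                routing_slot=EIP1967_IMPL_SLOT, display_slots=(LEGACY_IMPL_SLOT,)):
    """Return a list of findings for one proxy.

    storage: slot (int) -> stored word (int); code: address (int) -> deployed bytecode.
    The check trusts no explorer view: it reads the slot the proxy actually delegates
    through and compares the code found there against the audited build.
    """
    findings = []
    routed = storage.get(routing_slot, 0)
    if routed == 0:
        # An empty implementation slot is the window in which init() can be front-run.
        findings.append("routing slot is empty: proxy uninitialized, init() can be front-run")
        return findings

    # CPIMP tell: a display slot carries the genuine implementation while the routing
    # slot points at the intermediary, so tooling shows one address and calls hit another.
    for slot in display_slots:
        shown = storage.get(slot, 0)
        if shown and shown != routed:
            findings.append(
                f"slot 0x{slot:064x} displays 0x{shown:040x} but calls route to 0x{routed:040x}"
            )

    target_code = code.get(routed, b"")
    if not target_code:
        findings.append(f"routing target 0x{routed:040x} has no code")
    elif code_hash(target_code) != expected_impl_hash:
        findings.append("routing target bytecode does not match the audited implementation")
    return findings


# Constructed sample state: addresses and bytecode are illustrative, not from any chain.
REAL_IMPL = 0x00000000000000000000000000000000000A11CE
INTERMEDIARY = 0x000000000000000000000000000000000000BAD0
REAL_IMPL_CODE = b"\x60\x80\x60\x40\x52\x00real-impl"
INTERMEDIARY_CODE = b"\x60\x80\x60\x40\x52\x00cpimp-layer"
CODE = {REAL_IMPL: REAL_IMPL_CODE, INTERMEDIARY: INTERMEDIARY_CODE}
EXPECTED_HASH = code_hash(REAL_IMPL_CODE)

HONEST_PROXY = {EIP1967_IMPL_SLOT: REAL_IMPL, LEGACY_IMPL_SLOT: REAL_IMPL}
BACKDOORED_PROXY = {EIP1967_IMPL_SLOT: INTERMEDIARY, LEGACY_IMPL_SLOT: REAL_IMPL}
UNINITIALIZED_PROXY = {}

if __name__ == "__main__":
    for name, proxy in [("honest", HONEST_PROXY), ("backdoored", BACKDOORED_PROXY),
                        ("uninitialized", UNINITIALIZED_PROXY)]:
        print(name, audit_proxy(proxy, CODE, EXPECTED_HASH) or ["ok"])
```

Because the backdoor described above restores itself after every call, run a check like this against fresh storage reads after each upgrade transaction, not once at deployment, and compare against the code hash of the build you audited rather than against whatever address a UI displays.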
The original flag came July 8, 2025 from @deeberiroz: "might have found something even bigger… this one is super messed up." The war room was run by SEAL 911. Partially affected protocols included EtherFi, Kip Protocol, Kinto Finance, Cap Money, Orderly Network, Berachain, Myx, Pendle, Origin Protocol, and others across Ethereum, Binance, Arbitrum, Base, Bera, Scroll, and Sonic. Every team that had to be contacted increased the risk of a premature leak before coordinated remediation was complete. Kinto Finance shut down as a result; their founder called it a black swan and contributed $130K+ toward user relief.
Credits to @deeberiroz for the find, @pcaversaccio (SEAL 911) for rescue operations and the Etherscan technique investigation, Yannis Smaragdakis for the postmortem and protocol impact queries, and Ruslan Kasheparov for the original flagging. The full postmortem is on the Dedaub blog.
Trafficked Trust: The Human Cost of Crypto Scams
Dobs has spent 20+ years hunting threat actors, most recently at Google/Mandiant and now at SEAL. His talk was about pig butchering, the long-con romance fraud operations that funnel victims into fake crypto investments.
He opened with a warning that the content was difficult and that it was fine to step out. The photos were his own. KK Park, Tai Chang, Shwe Kokko. Walled compounds in Myanmar, barbed wire, armed guards, no exits for the people being held inside. Over 400,000 trafficking victims globally, forced to run scams at gunpoint. The women used in romance lure photos are also victims, beaten if quotas aren't met.
The numbers are larger than most security people track. The conservative annual figure is $6.9 billion, more than ransomware, more than Lazarus at peak. Cryptocurrency is the movement layer. The scam scripts are refined across thousands of prior victims, and they work because people are lonely. COVID made that worse.
The asks for anyone working at an exchange, doing on-chain tracing, or building detection tooling were specific. Monitor OTC vendors in the Myanmar/Cambodia border region, flag wallets linked to compound activity, share indicators, fund the NGOs that are actually on the ground. Global ALMS is one: globalalms.com/join-us.
A documentary is in production, with a planned screening at EthCC.
When the AppleJeus GitHub Is Worth the Squeeze
This talk was a live OSINT methodology walk-through against Citrine Sleet (also tracked as AppleJeus, UNC4736, Gleaming Pisces, TraderTraitor), specifically how to surface their infrastructure and personas before an incident, not after.
The thread started with a known technique. Unit 42 and SlowMist had documented an unsafe YAML deserialization call in Slow Pisces malicious code. Searching GitHub for that exact pattern surfaced a repository called bitcoinmonitor, which pointed to the domain apopenrouter.ai, resolving to Namecheap infrastructure with 5,000+ subdomains. Pivoting on the account behind it surfaced a persona called Melany Jackson, connected to a fake Web3 project called CrestFi, complete with a GitHub org, LinkedIn page, Twitter account, and website, with npm and PyPI packages carrying the same deserialization signature already imported by real downstream projects. Further pivots surfaced additional personas with matching fingerprints, a cluster of associated email addresses, and a pattern of building plausible developer histories while seeding malicious packages into the ecosystem.
Recommendations: flag anomalous curl requests with unusual user agents, watch for executables packed in VMProtect or Themida or Code Virtualizer or Enigma, don't cache credentials in the browser, block Telegram and WhatsApp and LinkedIn messaging on corporate networks, use a VM for coding challenges and open-source collaboration, audit your dependencies. And when interviewing suspicious candidates, make them say something sufficiently unflattering about Kim Jong Un.
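The pivot in this talk started from a source-code signature, and the closing recommendation was to audit your dependencies for the same thing. As an added example (not tooling from the talk, Unit 42 or SlowMist), here is a small scanner for the Python side of that: it walks a set of source files and flags yaml.load() calls that do not pin a SafeLoader or BaseLoader, plus any yaml.unsafe_load(). The regexes and the sample package sources are this example's own constructions.

```python
import re
from pathlib import Path

# yaml.load(...) with its argument list captured; the group tolerates one level of nested
# parentheses (e.g. yaml.load(f.read())) and calls that span several lines.
YAML_LOAD_CALL = re.compile(r"\byaml\.load\s*\((?P<args>(?:[^()]|\([^()]*\))*)\)")
# Loaders that construct plain data only, passed by keyword or positionally.
SAFE_LOADER = re.compile(r"(?<![\w.])(?:yaml\.)?C?(?:Safe|Base)Loader\b")
# yaml.unsafe_load() constructs arbitrary Python objects by definition.
UNSAFE_LOAD_CALL = re.compile(r"\byaml\.unsafe_load\s*\(")


def scan_source(path: str, text: str):
    """Return (path, line number, snippet) for each deserialization call that can run code."""
    lines = text.splitlines()
    findings = []
    for m in YAML_LOAD_CALL.finditer(text):
        if SAFE_LOADER.search(m.group("args")):
            continue  # explicitly safe loader
        lineno = text.count("\n", 0, m.start()) + 1
        findings.append((path, lineno, lines[lineno - 1].strip()))
    for m in UNSAFE_LOAD_CALL.finditer(text):
        lineno = text.count("\n", 0, m.start()) + 1
        findings.append((path, lineno, lines[lineno - 1].strip()))
    return sorted(findings)


def scan_sources(sources):
    """sources: mapping of path -> file text, e.g. an unpacked sdist or a vendored package."""
    findings = []
    for path, text in sources.items():
        findings.extend(scan_source(path, text))
    return findings


def scan_directory(root: str):
    """Walk a checked-out dependency tree on disk."""
    return scan_sources({str(p): p.read_text(errors="replace")
                         for p in Path(root).rglob("*.py")})


# Constructed sample packages, not real projects.
SAMPLE_SOURCES = {
    "vendor/pkg_a/config.py": (
        "import yaml\n"
        "\n"
        "def load(path):\n"
        "    with open(path) as f:\n"
        "        return yaml.load(f.read())\n"          # no Loader argument: flagged
    ),
    "vendor/pkg_b/settings.py": (
        "import yaml\n"
        "cfg = yaml.load(open('cfg.yml'),\n"
        "                Loader=yaml.SafeLoader)\n"      # safe loader across two lines: clean
    ),
    "vendor/pkg_c/cli.py": (
        "import yaml\n"
        "data = yaml.unsafe_load(raw)\n"                # flagged
        "other = yaml.load(raw, Loader=yaml.Loader)\n"  # full Loader is not a safe loader: flagged
    ),
}

if __name__ == "__main__":
    for path, lineno, snippet in scan_sources(SAMPLE_SOURCES):
        print(f"{path}:{lineno}: {snippet}")
```

For a real audit, point scan_directory() at the extracted sources of every package in your lockfile and treat each hit as a review item: a legitimate project may have a reason for yaml.load without a safe loader, but a freshly published package from an unknown maintainer that carries this pattern is exactly the kind of dependency the talk was about.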
From Vibes to Vulnerabilities
The talk started with a failure. He tried to use OpenAI Codex to find the RCE in a Next.js patch right after it dropped. The model produced confident nonsense.
Rather than treating that as a conclusion, he started interrogating the model. It turns out the model isn't a bug oracle you query once and trust. It's a debugging assistant that needs to be pushed. Ask it what the code does. Ask why, then ask if it's really sure. He called this "5 Whys, 50 Whys, 5,000 Whys." When the model surfaces a finding, make it prove the vulnerability is real with a working PoC. It will confidently describe a bug, generate plausible-looking exploit code, and be entirely wrong. Keep pushing until either the bug collapses or a working exploit falls out.
He also covered what it looks like when AI safety guardrails interrupt mid-research, which happens more than you'd expect, and what actually works to maintain your thread without losing context. That process produced CVEs in Node.js, React, Ollama, Tether's password manager, Supabase, and WordPress, found by someone who had never done vuln research before.
On the blue team side, HackerOne saw a 210% spike in AI-generated reports. Bug bounty programs expanded 270% year-over-year. Prompt injection reports surged 540%. The cost of separating signal from noise falls entirely on human reviewers. Red teams get faster. Blue teams get busier.
The Aftermath
@griffgreen
Here’s the historical context most people in the space know only in outline: the original 2016 DAO hack, the fork, and the years-long process of actually returning funds to thousands of individual claimants. The logistics were more complicated than the hack itself, and required a functioning entity to be maintained across nearly a decade to see it through.
The funds remaining after returns are now being deployed to support security work across the ecosystem. The talk grounded TheDAO Security Fund's current work in that history, why the fund exists, how the mandate was shaped by what went wrong in 2016, and why operational security sits at the center of how they approach protecting what remains.
SEAL Certifications
The argument for building SEAL Certifications is that the industry audits smart contracts obsessively and barely looks at operations, and most fund losses today reflect that gap.
The live case study was SEAL's work with TheDAO Security Fund, which stewards ~70,000 ETH with no complex DeFi operations. They are exactly the kind of high-value target that gets hit through a signer compromise or a social engineering call to the wrong registrar, not a code exploit. When SEAL started working with them, none of those scenarios had a documented response. Building policies from scratch surfaced the key principle: slowness by design. Moving principal should be hard. Every layer should reinforce that. Threat models populate specific runbooks covering key compromise, malicious transactions, interface compromise, and validator issues.
The broader program covers four domains, Multisig Operations, Treasury Operations, Incident Response, and DevOps/Infrastructure/DNS. Over 30 organizations have engaged since the RFC launched in November 2025. Certification status is verifiable on-chain via EAS attestations.
- SEAL Certifications RFC: radar.securityalliance.org/request-for-comments-seal-certifications/
- SEAL Frameworks: frameworks.securityalliance.org/certs/overview
MFA Done Right
For unphishable, non-stealable credentials, the best recommendation is YubiKeys configured with passkeys and PINs. A passkey bound to hardware can't be phished because it never leaves the device and authentication is tied to the specific origin. A PIN means physical possession of the key alone isn't enough to authenticate.
The talk also covered common failure modes: TOTP codes intercepted by real-time phishing proxies, SMS codes redirected through SIM swaps, and push notifications approved without context. Hardware passkeys defeat all of these. The session included precise configuration steps for common platforms, covering the details most MFA guides skip over.
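To make the origin-binding argument concrete, here is an added simulation (not code from the talk, and not any vendor's implementation) of the three checks that a real-time phishing proxy cannot get past: the authenticator only answers for the rpId the browser derived from the real origin, the browser writes that origin into the signed client data, and the signature covers a hash of that client data. It is a model, not WebAuthn: HMAC-SHA256 with a per-credential secret stands in for the asymmetric signature a real key produces, and the domain names, PIN and challenge are constructed.

```python
import hashlib
import hmac
import json
import secrets


def rp_id_hash(rp_id: str) -> bytes:
    return hashlib.sha256(rp_id.encode()).digest()


class HardwareKey:
    """Model of a PIN-protected authenticator. Credentials are scoped to an rpId and never
    leave the device. HMAC stands in for the real key's signature, so the relying party's
    verification key is the same secret it received at registration."""

    def __init__(self, pin: str):
        self._pin = pin
        self._creds = {}  # rp_id -> credential secret

    def register(self, rp_id: str, pin: str) -> bytes:
        if pin != self._pin:
            raise PermissionError("wrong PIN")
        self._creds[rp_id] = secrets.token_bytes(32)
        return self._creds[rp_id]  # a real key would return the public key

    def get_assertion(self, rp_id: str, client_data: bytes, pin: str):
        if pin != self._pin:
            raise PermissionError("wrong PIN")  # possession of the key alone is not enough
        if rp_id not in self._creds:
            return None  # no credential is scoped to this rpId
        auth_data = rp_id_hash(rp_id) + b"\x05"  # flags: user present + user verified
        signed = auth_data + hashlib.sha256(client_data).digest()
        return auth_data, hmac.new(self._creds[rp_id], signed, hashlib.sha256).digest()


def browser_client_data(origin: str, challenge: bytes) -> bytes:
    """The browser, not the web page, records the origin it is really connected to."""
    return json.dumps({"type": "webauthn.get", "challenge": challenge.hex(),
                       "origin": origin}, sort_keys=True).encode()


def rp_verify(rp_id, expected_origin, challenge, verify_key, client_data, auth_data, sig):
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get" or cd.get("origin") != expected_origin:
        return False
    if bytes.fromhex(cd.get("challenge", "")) != challenge:
        return False
    if auth_data[:32] != rp_id_hash(rp_id):
        return False
    signed = auth_data + hashlib.sha256(client_data).digest()
    return hmac.compare_digest(hmac.new(verify_key, signed, hashlib.sha256).digest(), sig)


def login(key, pin, visited_origin, rp_id, rp_origin, challenge, verify_key):
    """User authenticates on visited_origin; the relying party at rp_origin checks the result."""
    visited_rp_id = visited_origin.removeprefix("https://")  # browser derives rpId from origin
    client_data = browser_client_data(visited_origin, challenge)
    assertion = key.get_assertion(visited_rp_id, client_data, pin)
    if assertion is None:
        return False
    auth_data, sig = assertion
    return rp_verify(rp_id, rp_origin, challenge, verify_key, client_data, auth_data, sig)


def demo():
    key = HardwareKey(pin="1234")
    rp_id, rp_origin = "wallet.example", "https://wallet.example"  # constructed names
    verify_key = key.register(rp_id, "1234")
    challenge = secrets.token_bytes(32)
    results = {
        # Genuine site: origin and rpId match, signature verifies.
        "legit": login(key, "1234", rp_origin, rp_id, rp_origin, challenge, verify_key),
        # Real-time phishing proxy relays the genuine challenge from a lookalike origin; the
        # browser scopes the request to the lookalike rpId, for which no credential exists.
        "phished": login(key, "1234", "https://wallet-example.evil", rp_id, rp_origin,
                         challenge, verify_key),
    }
    try:  # stolen key without the PIN
        login(key, "0000", rp_origin, rp_id, rp_origin, challenge, verify_key)
        results["stolen_key_no_pin"] = True
    except PermissionError:
        results["stolen_key_no_pin"] = False
    # Proxy that swaps in client data claiming the genuine origin: the rpIdHash and the
    # signature over the client-data hash both stop matching.
    key.register("wallet-example.evil", "1234")  # user was tricked into enrolling there
    auth_data, sig = key.get_assertion(
        "wallet-example.evil", browser_client_data("https://wallet-example.evil", challenge), "1234")
    results["tampered"] = rp_verify(rp_id, rp_origin, challenge, verify_key,
                                    browser_client_data(rp_origin, challenge), auth_data, sig)
    return results
```

Contrast this with a TOTP code: nothing in a six-digit code says which site it was typed into, so a proxy that relays it in real time is indistinguishable from the user. The origin and rpId fields above are what the relay cannot forge.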
A Privacy-First Approach to Web3 OPsec
Most people at a crypto conference are carrying several wireless radios and have no idea what they're broadcasting. This talk demonstrated what an attacker can actually do with those signals. The room got quieter as it went on.
Wi-Fi probe requests broadcast the names of networks your device has previously connected to, your home network, your workplace, your travel history, available passively to anyone nearby. Bluetooth signals from wearables, hardware wallets, and laptops are persistent enough to function as stable identifiers even when MAC addresses rotate. A Whoop band or a hardware wallet advertising over Bluetooth is sufficient to track a specific person across multiple days at a conference, correlate their movements with on-chain activity, and identify when and where transactions are occurring.
The opsec takeaways were straightforward. Disable Wi-Fi when not in use, turn off Bluetooth when not actively pairing, and treat conference environments as hostile radio environments by default.
See You Next Year
darkMode 2026 was our first public conference. Follow @_SEAL_Org and subscribe to our newsletter for darkMode 2027 details.