Former Fuzzland Employee Behind $2M UniBTC Exploit
Smart contract analytics platform Fuzzland has disclosed that a former employee orchestrated a $2 million exploit against Bedrock’s UniBTC protocol in September 2024. According to a transparency report, the insider used social engineering, supply chain attacks, and advanced persistent threat techniques to access sensitive data and execute the attack.
UniBTC Exploit Details
The attacker exploited a vulnerability in UniBTC that was first identified during an internal emergency call. The former employee inserted malicious code, creating backdoors in engineering workstations that remained undetected for weeks. This allowed exploitation of a vulnerability initially reported by Dedaub.
Response and Remediation
Fuzzland compensated Bedrock for the $2 million loss and launched a joint investigation with security firm ZeroShadow. The company also filed reports with Chinese authorities and the FBI while collaborating with Seal 911 and SlowMist to enhance security standards across the industry.
Bedrock’s Market Resilience
Despite the breach, Bedrock’s total value locked (TVL) grew significantly from $240 million in September 2024 to $535 million by June 2025. This demonstrates strong user confidence in its multi-asset liquid restaking products, including UniBTC, UniETH, and UnilOTX.
Broader Crypto Security Implications
This incident highlights hackers’ increasing focus on social engineering over technical exploits. Blockchain security firm CertiK reports over $2.1 billion stolen in crypto attacks during 2025, primarily through phishing and wallet compromises.
