Back
Ethereum Foundation Says ETH Rangers Helped Recover or Freeze $5.8 Million

Ethereum Foundation Says ETH Rangers Helped Recover or Freeze $5.8 Million

According to the Ethereum Foundation, the six-month ETH Rangers program identified suspected DPRK-linked operatives, warned dozens of blockchain projects, and reported hundreds of vulnerabilities while responding to security incidents.

ETH

Fact Check
The claim is directly supported by the official Ethereum Foundation post "ETH Rangers Program Recap." That source says the six-month ETH Rangers Program had outcomes from 17 stipend recipients and lists consolidated results including over 785 vulnerabilities, client bugs, and proof of concepts reported or cataloged, plus over 209,000 views and users reached with threat awareness and investigative content. The same post also states that over $5.8 million in funds were recovered or frozen, matching the headline context. The English-localized version at https://blog.ethereum.org/en/2026/04/16/eth-rangers-recap contains the same figures. A secondary article from crypto.news is consistent with the official recap, though the Ethereum Foundation blog is the decisive evidence.
    Reference12
Summary

In an official announcement, the Ethereum Foundation said its six-month ETH Rangers program helped recover or freeze more than $5.8 million and identified about 100 suspected state-backed operatives. The foundation said researchers warned 53 blockchain projects, reported more than 785 vulnerabilities and client issues, and helped handle 36 security incidents. The report linked ongoing Web3 infiltration efforts to DPRK operatives and Lazarus Group-related threats, adding more detail to the program’s security findings.

Terms & Concepts
  • ETH Rangers: An Ethereum Foundation-backed security program that supports researchers working on vulnerability reporting, incident response and ecosystem protection.
  • Vulnerabilities: Security weaknesses in software or systems that attackers can potentially exploit to cause loss, disruption or unauthorized access.
  • Lazarus Group: A threat actor widely associated with North Korean cyber operations and linked to hacking and theft campaigns affecting crypto and broader digital systems.