Known-threat-actor cluster has touched protocol

dYdX v4 (dYdX Chain)'s assessment for RD-F-158 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

T-09 phase-2 signal. No confirmed Lazarus/DPRK or other known threat-actor cluster touch on dYdX v4 Cosmos-chain addresses per public threat intelligence as of 2026-05-17. The Jan 2026 supply-chain attacker has no confirmed cluster attribution per Socket.dev and TheHackerNews reports. Cosmos-chain addresses require proprietary Chainalysis/TRM feed not available via public sources. dYdX proactively blocked EVM-side TC-linked user accounts in Aug 2022 demonstrating compliance awareness, not team contamination.

Sources #

URL
Malicious dYdX Packages Published to npm and PyPISocket.dev — no threat actor attribution in supply chain analysisretrieved 2026-05-17

Methodology #

Detect whether an address from the curator-maintained threat-actor cluster (past exploiters, labeled attacker families) interacted with this protocol in the last 30 days.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol dydx-v4 factor RD-F-158 score gray collected_at 2026-05-17 09:58:47