Several NFT collections backed by the creator of Pepe, Matt Furie, were hit by a significant cyberattack following the accidental hiring of a North Korean national for an IT position. The same group was also responsible for a separate attack on another company, Favrr, resulting in a combined loss of approximately $1 million. The incident highlights serious security vulnerabilities within the NFT and cryptocurrency sectors, as well as the growing threat posed by state-sponsored hacking groups.

The breach occurred when Furie partnered with Chainsaw, an NFT development firm that reportedly hired the individual for an IT role. This person was later identified as part of a malicious group linked to North Korea. Meanwhile, Favrr, an NFT launch platform, had also employed someone for the role of Chief Technology Officer, further exposing the company to risks due to inadequate vetting procedures.

Pepe, the iconic cartoon frog, has become a popular subject for meme coins and digital collectibles, but its original creator, visual artist Matt Furie, has no formal connection to these projects. Furie first introduced the character around two decades ago, and while it has since gained a large following in the crypto space, his involvement in the NFT sector was a recent endeavor aimed at leveraging the growing market.

By collaborating with Chainsaw to create and launch NFT collections, Furie sought to capitalize on the rising popularity of non-fungible tokens. However, the project was severely impacted when a North Korean-based hacker group allegedly exploited a critical security flaw. According to ZachXBT, a well-known crypto investigator, the breach involved an insider who transferred the minting contract for one of Furie’s NFT collections, Replicandy, during the early hours of the night.

Once the contract was compromised, the attacker began minting NFTs at an alarming rate until the price floor dropped to zero. Over the course of five days, the same method was used on three additional collections, generating roughly $310,000 in illicit gains. To avoid detection, the hackers had to launder their proceeds, leaving behind a trail of blockchain data that ZachXBT was able to analyze and trace back to North Korean actors.

The attackers used a common tactic by creating a fake profile to apply for an IT position within the project. This allowed them to bypass standard security protocols with minimal effort. A few days after the initial breach, another company, Favrr, fell victim to the same scheme. The group managed to steal $680,000 from the NFT platform, using the same method and likely the same individuals.

This second attack was particularly concerning not only because of the scale of the loss but also due to the level of negligence displayed by Favrr. The company had hired the same fake candidate for the role of CTO, indicating a severe lack of due diligence in the hiring process. Such lapses in security have raised alarms within the industry, especially given the increasing presence of North Korean hacking groups like the Lazarus Group, which has been linked to some of the largest cyberattacks in cryptocurrency history.

ZachXBT has previously warned about the surge in North Korean cyber activities, particularly in the crypto space. The current wave of attacks underscores the broader trend of rising crypto-related crime, yet many affected companies failed to implement even basic security measures. In addition to the financial losses, the lack of transparency and communication from the involved parties has further complicated the situation.

Favrr is the only company that issued a public statement regarding the incident, while Chainsaw briefly posted a warning that was later removed. Matt Furie has remained silent, and both organizations have disabled direct messaging on X, making it difficult for investigators and affected users to seek further information. ZachXBT attempted to contact all relevant parties but was unable to obtain responses or additional details.

以上内容由悟空财富根据公开信息整理，与本站立场无关，如存在问题请联系我们，本文为数据整理，不对您构成任何投资建议，投资有风险，请谨慎决策。