@BNBCHAIN @meta_alchemist Talked to a few security guys in the industry. I believe they were able to help track it and froze $200k at HTX, the rest seem to remain on-chain. Looks like North Korea DPRK.
Major CEXs probably have these addresses on blacklists now. Good luck!
Today at approximately 12:05 UTC, a DPRK state-affiliated group known for many hacks in Web3 gained access to one of our developer’s private keys. Using these, they were able to mint a large amount of SFUND tokens through a bridge contract that had previously passed audit.
The OFT contract was compromised as a result, allowing the attacker to modify the contract settings and mint unauthorized tokens on Avalanche.
This contract should not have been able to mint these tokens without any token being bridged. We used one of the most trusted and experienced auditors in the world to review these contracts and were assured that they were secure contracts that passed audits. We will be in touch with our auditors and security experts to review the security of all of our other infrastructure.
These tokens were bridged to Ethereum, Arbitrum, and Base, where the attacker drained available liquidity pools, and subsequently bridged the maximum possible amount to BNB, where they were sold before we contained the breach.
There is no ongoing risk to liquidity on BNBChain anymore, and we have paused all bridges. However, we advise against purchasing tokens on other chains until further notice.
Once the issue was detected, we immediately coordinated with centralized exchanges to halt trading, blacklisted the attacker’s addresses across multiple chains, and revoked the compromised permissions. Once again, in addition to these: cross-chain bridges have been temporarily disabled.
Importantly, this incident was limited to a compromised wallet’s minting privileges. Core contracts, user wallets, our website, and the underlying protocol remain unaffected.
We deeply regret the impact of this incident and are committed to handling it with transparency. Further updates will be provided through our official channels.
We want to extend our deepest gratitude to our community and partners; your incredible support means the world to us during this time.
Since 2021, Seedify has been a home for builders and everyone dedicated to creating value in the Web3 ecosystem, through both bull and bear.
This unfortunate event won’t stop us; it only ignited our team to build better and bigger from here.
We also want to thank @zachxbt for connecting us with @zeroshadow_io to help us understand how the hack exactly happened and by whom.
On-chain evidence:
Ownership transfer from OFT contract owner to malicious entity: https://t.co/jEzBDU3gQz
ETH hacked funds: https://t.co/bzCKADsifd
BSC hacked funds: https://t.co/o1KBh0t3LN
Attribution reference (DPRK Hacker): https://t.co/o1WcVcHq3b