Munchables recovers $62.5 million in user funds after exploit linked to North Korean hacker

Munchables, a Web3 game running on Ethereum’s Layer 2 network Blast, recently successfully recovered $62.5 million lost to an exploit.

platform disclosed The attackers voluntarily provided all relevant private keys to facilitate the return of user funds. Keys were shared that held $62.5 million worth of ETH, 73 WETH, and the primary owner key.

Pac-Man, the creator of layer 2 networks, corroborated In this development, the hackers said they returned all the stolen funds without demanding any ransom.

Additionally, Pacman announced that $97 million was secured in multisig accounts managed by Blast’s core contributors. These funds will soon be redistributed to Manchable and other affected protocols.

he added:

“It is important that all development teams, whether directly affected or not, learn from this and take precautions to further ensure security.”


March 26th, Munchables warned Report exploits on the platform to the cryptocurrency community.On-chain investigator ZachXBT responds promptly identified Address where the stolen 17,413 ETH is stored.

According to research by ZachXBT, this exploit occurred due to the involvement of North Korean hackers among Munchables’ core developers.

Further research by ZachXBT Indicated Munchables said he was working with four developers connected to the hackers. Their GitHub usernames were NelsonMurua913, Werewolves0493, BrightDragon0719, and he was Super1114.

These four accounts likely belonged to one individual, as they approved each other’s work and financially supported each other’s wallets.

Solidity Developer 0xQuit Said The hacker performed the exploit by creating a backdoor that allocated a balance of 1,000,000 ETH before upgrading the contract implementation. This made it possible for the protocol to withdraw once it had accumulated a significant balance.

North Korean hackers

The incident sheds light on a common tactic employed by North Korean hackers who infiltrate crypto projects as developers and embed backdoors to facilitate future theft.

Ethereum developer Keone Hong Referenced A previous thread outlined signs that the developer may be a North Korean hacker. He said these individuals prefer his GitHub names such as SupertalentedDev726 and CryptoKnight415, incorporate numbers into their usernames and email addresses, and often use his Japanese ID.

he Said:

“If you see someone with an embarrassing background, a bunch of badges, and a bunch of big repositories with only one commit (to crush history), be careful.”

The post Munchables recovers $62.5 million in user funds after exploit linked to North Korean hackers appeared first on CryptoSlate.

Related Article


Leave a Comment