365int
Pepe meme creator Matt Furie’s NFT projects got hit hard last week. Nearly $1 million vanished after hackers took control of their smart contracts. Ouch.
The attacker hijacked the “Replicandy” contract early on June 18. Within hours, they grabbed the minting money, reopened the sale, made new NFTs, and dumped them. Result? Floor price crashed to zero.
A few days later, they struck again. This time, they hit Peplicator, Hedz, and Zogz—more NFT contracts from ChainSaw, Furie’s studio. The hacker repeated the same trick: mint, sell, dump.
Crypto sleuth ZachXBT traced the stolen funds. He found links to wallets like 0xf6a9 and 0x9Fca, with some of the cash ending up on exchanges like MEXC.
The weird part? Wallets tied to two shady GitHub accounts—”devmad119″ and “sujitb2114″—popped up in the trail. Clues like Korean settings and fake U.S. résumés hint at North Korean IT workers.
Then came round two. Favrr, a freelance crypto token, got drained for $680K just after its DEX launch. The attacker used the same playbook. Payroll wallets paid out, and funds slipped into Gate.io and other shady lanes.
Favrr promised refunds and paused its MEXC listing. They’re now auditing everything and warning users to steer clear of fake tokens.
ZachXBT says Favrr’s CTO vanished from LinkedIn. Real James Bond vibes.
Both cases spotlight how risky it is to hire shadow devs from gig sites. No background checks = big trouble.
* Smart contract: self-executing code stored on blockchain
* Floor price: the lowest price an NFT is currently selling for
