A security disaster has rocked the NFT space after a hacker with suspected ties to North Korea infiltrated two crypto projects—one backed by Pepe the Frog creator Matt Furie—and siphoned off nearly $1 million in total.
The breach targeted Chainsaw, the platform behind several of Furie’s NFT collections, after it reportedly brought on the attacker under the guise of an IT specialist.
Once inside, the individual allegedly seized control of the minting contract for the “Replicandy” collection, triggering an overnight exploit that tanked its value and drained funds. Over the next five days, three additional collections were compromised, totaling about $310,000 in damages.
Blockchain investigator ZachXBT traced the wallet activity and linked the incident to known North Korean tactics, including fake identities and insider job applications—a technique that reappeared days later in another exploit. Favrr, a separate NFT launch platform, reportedly hired a fake candidate as Chief Technology Officer and suffered a $680,000 theft shortly afterward.
ZachXBT’s report also highlighted a disturbing pattern of silence. Chainsaw deleted its public alert, Furie has remained quiet, and both disabled direct messages on X. Only Favrr acknowledged the attack.
With North Korean-linked groups like Lazarus already behind some of the largest hacks in crypto history, the growing use of deception to bypass internal defenses raises fresh alarms. As the NFT market matures, analysts warn that project teams can no longer afford to neglect even basic security vetting.
Editorial Team
Reporter at Coindoo
Source: https://coindoo.com/nft-firms-fooled-by-fake-job-applicants-linked-to-north-korea/