Pepe Creator’s NFT Project Hit by North Korean Hackers
Matt Furie, the artist behind the iconic Pepe the Frog, probably didn’t see this coming. His recent NFT collaborations—meant to cash in on the digital collectibles boom—were drained of over $300,000 after a hacker infiltrated the team. The worst part? The attacker allegedly got in by posing as an IT hire.
According to crypto investigator ZachXBT, the breach happened late at night when someone transferred control of the minting contract for *Replicandy*, one of Furie’s NFT collections. The hacker then flooded the market with new tokens, crashing the price to zero. A few days later, three more collections were hit the same way.
But here’s the kicker: the attacker wasn’t some lone wolf. Evidence suggests they were part of a North Korean group, using a well-worn tactic—fake job applications. Chainsaw, the NFT firm Furie partnered with, apparently hired one of these hackers for an IT role. And if that wasn’t bad enough, another company, Favrr, fell for the exact same trick—but on a bigger scale.
A Shocking Lack of Scrutiny
Favrr, an NFT launch platform, lost $680,000 in a nearly identical scheme. This time, though, the hacker wasn’t just hired—they were given the role of *chief technology officer*. Let that sink in. A company handling millions handed the keys to a complete stranger with zero vetting.
ZachXBT’s investigation traced the stolen funds through blockchain transactions, linking them to known North Korean operatives. These groups have been increasingly active in crypto thefts, with the infamous Lazarus Group behind some of the largest hacks in recent years.
What’s baffling is how little resistance these projects put up. Favrr at least acknowledged the breach publicly. Chainsaw posted a vague warning before deleting it, and Furie himself hasn’t said a word. Both companies also disabled direct messages on X (formerly Twitter), making it impossible for ZachXBT—or anyone else—to get answers.
Why This Keeps Happening
Crypto scams aren’t new, but this level of carelessness is staggering. Hiring someone without basic background checks? Letting them access critical systems immediately? It’s like leaving your front door wide open and acting surprised when things go missing.
North Korean hackers have been exploiting this naivety for years. They target crypto projects because the money’s easy to steal and hard to trace—unless, of course, you’re someone like ZachXBT, who can follow the digital trail.
The real takeaway here isn’t just about stolen NFTs. It’s about an industry that still hasn’t learned to take security seriously. If companies can’t even verify who they’re hiring, how can anyone trust them with money?
For now, Furie’s collections are in shambles, Favrr is out nearly $700k, and the hackers are long gone. The only question left is who’s next.
