North Korean Hackers are involved in looting US$62M in Ether from Munchables

Web3 project Munchables experienced a significant loss of approximately US$62.5 million in ether (ETH) during the early hours of Wednesday due to the malicious manipulation of a contract, as indicated by blockchain data.

Munchables stated on X that it was actively monitoring the movements and making efforts to halt unauthorized transactions. This project operates on the emerging Blast blockchain and enables users to purchase and enhance traits for digital pets in exchange for tokenized rewards.

The individual responsible for transferring users’ funds to themselves before updating the platform’s smart contracts has been identified. According to blockchain investigator ZachXBT, the attacker, known as “Werewolves0493” on GitHub and purportedly affiliated with the Munchables team, is believed to be of North Korean origin, based on their GitHub commit history.

Recent reports from a UN Security Council document revealed that North Korean cyber groups have illicitly obtained an estimated US$3 billion in various tokens since 2017.

In response to the incident, numerous cryptocurrency developers and traders have advocated for a blockchain rollback to facilitate the recovery of misappropriated funds. A blockchain rollback involves reversing a sequence of confirmed transactions, commonly employed to nullify the impact of a cyberattack or other malicious activities leading to asset theft.