Seedify Breach Sees SFUND Tokens Illicitly Minted by North Korean Hackers
DPRK-linked hackers compromised a developer private key, minting fake SFUND tokens across multiple chains, leading to a liquidity drain of over $1.2 million. Investigations into the breach are ongoing.
ETH
BNB
ARB
Fact Check
Multiple independent sources corroborate that there was a breach of Seedify's bridge contract, which resulted in the illicit minting of SFUND tokens. Several pieces of evidence, including reports quoting former Binance CEO Changpeng Zhao, explicitly link the exploit to North Korean (DPRK) hackers, although some use the qualifier 'likely'.
Summary
Seedify reported a breach where hackers used a stolen developer private key to mint SFUND tokens, transferring them across Ethereum, Arbitrum, and Base. The hacker drained liquidity and sold tokens on BNB Chain, holding over $1.2 million in BNB. Suspicious funds were frozen on HTX, and exchanges blacklisted related addresses. Investigations are ongoing, with suspicions of North Korean involvement. Cross-chain bridges have been suspended.
Terms & Concepts
- Private Key: A cryptographic key that grants access to and control over cryptocurrency assets, requiring secure storage to prevent unauthorized use.
- Bridge Suspension: The temporary disabling of cross-chain transfer mechanisms to prevent further asset movement during a security incident.
- Liquidity Drain: The removal of funds from a market's liquidity pool, reducing available trading volume and potentially destabilizing token prices.