Bitcoin
$63,033.08-2.00%
Ethereum
$3,120.83-0.64%
Binance Coin
$595.39-2.63%
Solana
$136.60-5.06%
XRP
$0.51787552-2.49%
Dogecoin
$0.14578335-3.53%
Toncoin
$5.23-4.02%
Cardano
$0.45978511-3.52%
Shiba Inu
$0.00002481-2.94%
Avalanche
$34.20-3.81%
Tron
$0.11929972+1.57%
Wrapped Bitcoin
$63,164.31-1.87%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Countdown to Consensus 2024The largest and longest running event that covers all sides of Crypto and Web 3
32
DAYS
06
HR
04
MIN
51
SEC
Technology

Munchables Exploited for $62M, North Korea-Linked Exploiter Returns Private Keys to Web 3 Firm

The broader crypto community is calling for a controversial chain rollback in a bid to recover funds.

By Shaurya Malwa
AccessTimeIconMar 27, 2024 at 3:25 a.m. UTC
Updated Mar 27, 2024 at 6:50 p.m. UTC
VolumeMuteUnmute
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now
  • Munchables, a Web3 project on the Blast blockchain, suffered a hack that resulted in a loss of $62.5 million worth of ether (ETH).
  • The attacker manipulated a contract and transferred stored user funds before upgrading the platform’s smart contracts.
  • Blockchain sleuth ZachXBT linked the attacker to North Korea, with the hacking group allegedly stealing $3 billion worth of tokens since 2017.

Web3 project Munchables was drained of an estimated $62.5 million worth of ether (ETH) early Wednesday after a contract was maliciously manipulated, blockchain data shows.

Munchables said on X that the developer had shared all private keys to recover the funds.

The attacker apparently transferred the stored users’ funds to themselves before upgrading the platform’s smart contracts. Blockchain sleuth ZachXBT said the attacker was likely North Korean, based on their GitHub commit activity. They are listed on GitHub as “Werewolves0493” and allegedly worked for the Munchables team.

North Korean hacking groups have stolen an estimated $3 billion worth of various tokens since 2017, as per a UN Security Council report earlier this month.

Meanwhile, several crypto developers and traders called for a chain rollback to help recover the funds.

A blockchain rollback reverses a series of confirmed transactions. It is typically done to undo the effects of a hack or other malicious activity that resulted in the theft of funds or other assets.

UPDATE (March 27, 07:01 UTC): Updates headline and adds Munchables statement.

Edited by Shaurya Malwa.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Shaurya Malwa
Shaurya Malwa

Shaurya is the Deputy Managing Editor for the Data & Tokens team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.

Follow @shauryamalwa on Twitter

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.