Munchables developer with ties to DPRK steals, then return $62.5m from protocol
A Munchables team member allegedly tied to North Korea stole over $60 million in crypto from the project, but then suddenly returned all the stolen funds after being revealed.
On Mar. 27, Blast-based gaming protocool Munchables suffered a multi-million hacker attack resulting in a loss of more than $62.5 million in Ethereum (ETH).
The Munchables team has acknowledged the potential involvement of one of their own members in an X post.
In a now-deleted Telegram post, blockchain sleuth ZachXBT posted an address tied to the hacker adding that the attacker is a “DPRK IT Worker.” Shortly after the news broke, Pixelcraft Studios Coder Dan revealed that his team had engaged in discussions with the hacker back in 2022 for game development work, noting that the individual in question had raised suspicions of potential ties to North Korean hackers.
“We actually gave this guy try a trial hire back in 2022 to do some game dev work and he was sketchy af, definitely felt like he could be a NK [North Korea] hacker. We fired him within a month.” Coder Dan
After the attacker’s identity was revealed, blockchain analytics identified multiple addresses associated with the hacker, many of which have on-chain traces with centralized exchanges like Binance, MEXC, and ChangeNOW.
Following the public revelation of the attacker’s identity and a rapid series of on-chain investigations, the perpetrator chose to return all the stolen funds. The Munchables team confirmed that the attacker had agreed to return all the stolen funds without any conditions attached. They also stated that the individual responsible for the breach had provided all relevant private keys to aid in the recovery of user funds.
Munchables is a relatively new gaming-focused decentralized finance (gamefi) application operating on the Ethereum layer-2 network Blast, which allows players to access in-game items in the form of non-fungible tokens (NFTs) through crypto staking.