Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label NFT security breach. Show all posts
Web3 insider attack
blockchain hacks Crypto Theft Data Breach Favrr Replicandy ChainSaw hack minting contract exploit NFT security breach Web3 insider attack

Hackers Impersonate IT Staff to Drain $1 Million from NFT Projects in Days

 

NFT projects lost an estimated $1 million in cryptocurrency last week after attackers infiltrated their core minting infrastructure by posing as IT personnel. The breach affected the fan-token marketplace Favrr along with Web3 ventures Replicandy and ChainSaw, among others.

Onchain investigator and cybersecurity analyst ZackXBT reported that the perpetrators rapidly issued massive waves of NFTs, crashing floor prices to zero. They then liquidated their holdings before project teams could mount a response.

According to findings, the attackers quietly embedded themselves within development teams by using fake identities. With insider access to minting contracts secured, they unleashed thousands of tokens and NFTs in a matter of minutes.

The sudden influx of minted assets tanked floor prices and allowed the thieves to convert assets into liquid funds almost immediately. Within just a week, approximately $1 million disappeared from the affected treasuries. Favrr endured some of the heaviest losses as the attackers dumped tokens faster than the market could absorb them. Replicandy and ChainSaw were hit with similar tactics—Replicandy’s floor prices collapsed nearly instantaneously.

ChainSaw’s stolen crypto remains dormant in wallets, awaiting laundering operations to funnel the funds back through exchanges. ZackXBT noted, “Nested services then further obscured the money trail.”

Investigators revealed that onchain transactions moved the stolen assets through multiple wallets and exchanges, making the flow challenging to trace. Analysts warn that following mixed outputs could take weeks as exchanges comb through extensive transaction logs. This process slows or even prevents law enforcement from freezing compromised accounts.

In a related incident from May 2025, the Coinbase data breach exposed personal information of roughly 69,461 customers after contractors were bribed to hand over user details, sparking an extortion attempt against the platform.

The NFT and Web3 infiltration closely resembles the tactics of Ruby Sleet, a group that in November 2024 targeted aerospace and defense companies before pivoting to IT firms via fraudulent recruitment campaigns. Their strategy combined social engineering, credential theft, and malware to compromise systems.

Experts say these blockchain and NFT breaches highlight how open, irreversible ledgers amplify operational errors—especially when insiders gain privileged access. As ZackXBT underscored, “When insiders gain privileges, there’s often no undo button.”

Security professionals are advising NFT and Web3 organizations to adopt stricter zero-trust models that restrict each developer’s permissions. Requiring multi-party approvals before any large-scale minting can help prevent sudden attacks. Additionally, deploying real-time monitoring tools can quickly detect suspicious activity, while thorough code reviews and identity verification for every hire are critical to closing vulnerabilities before they can be exploited.
Read more »
Subscribe to: Posts (Atom)