
North Korean Hackers Pose as IT Staff, Drain $1 Mln from Web3 Projects
A recent cybercrime wave has rocked the Web3 community, with hackers posing as IT staff successfully draining nearly $1 million from several NFT collections. The attacks are attributed to North Korean-linked groups, which have been responsible for 70% of all stolen crypto in 2025, including the record-breaking $1.5 billion Bybit hack.
The hackers’ modus operandi involves infiltrating Web3 projects by impersonating IT personnel and gaining insider access to NFT minting systems. They then manipulate the systems to generate large batches of tokens, offload them at scale, and trigger a market collapse, resulting in significant financial losses for project owners.
One of the affected projects was Favrr, which responded swiftly by implementing enhanced user safety measures. Unfortunately, some other affected projects have been less proactive in addressing the issue, with Chainsaw only issuing a brief warning before deleting it from their records.
The Replicandy and Peplicator NFT collections were among those targeted, resulting in losses totaling over $310,000. The Zogz project was also compromised, further amplifying the scope of the cybercrime wave.
On-chain analyst ZachXBT revealed the extent of the attacks, stating that ownership of the Replicandy contract was quietly transferred to a new address before funds were withdrawn and minting resumed, leading to a market crash.
The latest hack has raised concerns about the vulnerability of Web3 projects to exploitation by malicious actors. The incident highlights the need for stricter security measures, such as rigorous vetting procedures for IT personnel, to prevent similar attacks in the future.
In response to this growing threat, governments around the world are stepping up regulatory safeguards to protect the crypto industry from discriminatory banking practices and excessive regulatory pressure.
Source: ambcrypto.com