news 
North Korean Hackers Pose as IT Staff, Drain $1 Mln from Web3 Projects
In a shocking turn of events, it has come to light that North Korean-linked hackers have posed as IT staff and drained nearly $1 million from various Web3 projects. According to sources, these cunning cyber-criminals infiltrated the affected NFT collections by pretending to be legitimate IT personnel.
It is reported that the attackers gained insider access to several high-profile projects, including Favrr, Replicandy, and ChainSaw, among others. Once inside, they exploited the systems to manipulate NFT minting processes, generating massive quantities of tokens before dumping them on the market, resulting in a catastrophic collapse in value.
As a result, multiple Web3 projects have suffered substantial financial losses, with estimated damages reaching over $310,000. The hackers’ tactics were so sophisticated that it took several days for project teams to realize what had occurred and take corrective measures.
This latest incident highlights the severe vulnerability of Web3 platforms, particularly those relying on lax vetting procedures in IT hiring practices. Furthermore, it underscores the urgent need for robust security protocols to prevent similar attacks from occurring in the future.
It is also worth noting that North Korean-linked hackers have been responsible for a staggering 70% of all cryptocurrency thefts in 2025, including the massive $1.5 billion Bybit hack earlier this year. These malicious actors have further extended their reach beyond digital assets, having infiltrated U.S. defense contractors and IT firms through clever social engineering tactics.
As a result of these shocking revelations, governments around the world are taking swift action to protect the Web3 industry from discriminatory banking practices and excessive regulatory pressure. The Trump administration has recently proposed an executive order to prohibit financial institutions from targeting crypto-related businesses, aiming to shield the sector from undue restrictions. Additionally, lawmakers have introduced legislation like SAB 121, aimed at clarifying the rules surrounding stablecoins and digital assets.
Meanwhile, Australia has quickly responded by capping cash transactions at AU$5,000, strengthening identity checks, and providing real-time scam alerts. These collective efforts reflect a unified global push towards a more secure and responsible Web3 environment.
Sources have revealed that this breach was perpetrated using a methodically executed strategy, with the hacker group manipulating the Replicandy contract by quietly transferring ownership to a new address and then withdrawing minted proceeds before resuming minting operations, ultimately causing a crash in market value.
Source: ambcrypto.com
