A set of NFT collections tied to Matt Furie, the creator of the Pepe meme, and the ChainSaw studio have been hit by a string of contract hijacks that led to greater than $1 million being stolen. Attackers took management of mint contracts, drained income, and issued new tokens, wiping out worth and leaving collectors surprised. Many followers had been shocked to see the Pepe creator’s NFT initiatives focused by attackers with deep entry to mint features.
The theft wasn’t a one-time hit. It unfolded in phases, throughout a number of days and a number of collections, suggesting cautious planning and a deep understanding of how the initiatives had been structured. The truth that the attackers gained management from contained in the contract degree has triggered critical considerations throughout the NFT neighborhood.
How the Assault Performed Out
It started within the early hours of June 18 when the Replicandy mint contract, a part of ChainSaw’s ecosystem, was taken over. Possession was quietly transferred to a brand new handle. That gave the attacker full management. They emptied the mint funds after which reopened the contract to create new tokens. These had been pushed out quickly, flooding the market and crashing costs.
1/ A number of initiatives tied to Pepe creator Matt Furie & ChainSaw in addition to one other mission Favrr had been exploited up to now week which resulted in ~$1M stolen
My evaluation hyperlinks each assaults to the identical cluster of DPRK IT staff who had been probably by chance employed as builders. pic.twitter.com/85JRm5kLQO
— ZachXBT (@zachxbt) June 27, 2025
Simply days later, the identical playbook was used on three different ChainSaw-connected collections: Peplicator, Hedz, and Zogz. The overall worth drained was estimated at over $300,000 at that time, however monitoring confirmed it didn’t cease there. The attacker moved the stolen funds via completely different wallets earlier than cashing out via the MEXC change, all whereas staying a number of steps forward of observers.
On-chain researchers, together with ZachXBT, tied the exercise to wallets that had interacted with earlier contract exploits. Their evaluation confirmed the method was not simply opportunistic however systematic.
DISCOVER: 9+ Greatest Excessive-Danger, Excessive-Reward Crypto to Purchase in June2025
Suspicion Falls on Freelance Code Hires
Issues took one other flip when investigators uncovered GitHub profiles linked to builders who seemed to be based mostly within the U.S. however had been utilizing instruments and settings related to North Korea. VPN information and regional preferences raised crimson flags. The suspicion is that a few of the contract entry could have come from builders employed via open platforms, given management over delicate methods with out a full vetting course of.
In a separate however comparable incident, a more recent NFT mission referred to as Favrr misplaced $680,000 beneath nearly similar circumstances. Their CTO vanished, and funds from the assault adopted the identical laundering sample. This has fueled concern as a result of folks imagine a number of initiatives could have been compromised via the identical outsourcing channels.
DISCOVER: Subsequent 1000X Crypto: 10+ Crypto Tokens That Can Hit 1000x in 2025
Aftermath and Silence
The Favrr staff introduced they might refund customers and conduct a full evaluate of their contract structure. ChainSaw and Matt Furie have taken a special strategy. They shut down public chat channels, eliminated contact kinds, and left collectors guessing what, if something, will be finished.
24h7d30d1yAll time
The ground costs of affected collections have collapsed. Whereas some homeowners are hoping for a restoration plan, others have began writing off the tokens as a complete loss.
What It Says About NFT Safety
This incident highlights a much bigger drawback within the NFT area. Too many initiatives rely on exterior builders with out the suitable safety checks. Mint contracts are highly effective instruments. As soon as somebody will get entry, they will change the principles, unlock funds, and create or destroy worth in minutes.
Now, collectors are asking extra questions earlier than leaping into new drops. Who controls the contracts? How is code reviewed? What type of safety is in place?
With out clear solutions, this might not be the final time a whole neighborhood watches its belongings vanish in a single day.
DISCOVER: 20+ Subsequent Crypto to Explode in 2025
Be part of The 99Bitcoins Information Discord Right here For The Newest Market Updates
Key Takeaways
Hackers stole over $1 million from Pepe NFT initiatives by hijacking good contracts tied to ChainSaw studio and Matt Furie.
The assaults focused a number of collections, draining funds and minting new tokens to crash ground costs throughout initiatives like Peplicator and Hedz.
Proof suggests the breach got here via freelance builders, with suspicious ties to North Korea and poor inner safety practices.
A associated exploit hit the Favrr NFT mission for $680,000, following the identical laundering path, elevating fears of a broader vulnerability.
This highlights a rising threat within the NFT area, the place mission groups give unvetted contractors entry to mint-level permissions with out enough safeguards.
Why you possibly can belief 99Bitcoins
Established in 2013, 99Bitcoin’s staff members have been crypto consultants since Bitcoin’s Early days.
90hr+
Weekly Analysis
100k+
Month-to-month readers
50+
Knowledgeable contributors
2000+
Crypto Initiatives Reviewed
Observe 99Bitcoins in your Google Information Feed
Get the newest updates, traits, and insights delivered straight to your fingertips. Subscribe now!
Subscribe now 
