Tech
Share this article

Munchables Exploited for $62M, North Korea-Linked Exploiter Returns Private Keys to Web 3 Firm

The broader crypto community is calling for a controversial chain rollback in a bid to recover funds.

By Shaurya Malwa|Edited by Shaurya Malwa
Updated Mar 27, 2024, 6:50 p.m. Published Mar 27, 2024, 3:25 a.m.
jwp-player-placeholder
  • Munchables, a Web3 project on the Blast blockchain, suffered a hack that resulted in a loss of $62.5 million worth of ether ETH$2,962.80.
  • The attacker manipulated a contract and transferred stored user funds before upgrading the platform’s smart contracts.
  • Blockchain sleuth ZachXBT linked the attacker to North Korea, with the hacking group allegedly stealing $3 billion worth of tokens since 2017.

Web3 project Munchables was drained of an estimated $62.5 million worth of ether ETH$2,962.80 early Wednesday after a contract was maliciously manipulated, blockchain data shows.

Munchables said on X that the developer had shared all private keys to recover the funds.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the The Protocol Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms & conditions and privacy policy.

The attacker apparently transferred the stored users’ funds to themselves before upgrading the platform’s smart contracts. Blockchain sleuth ZachXBT said the attacker was likely North Korean, based on their GitHub commit activity. They are listed on GitHub as “Werewolves0493” and allegedly worked for the Munchables team.

North Korean hacking groups have stolen an estimated $3 billion worth of various tokens since 2017, as per a UN Security Council report earlier this month.

Meanwhile, several crypto developers and traders called for a chain rollback to help recover the funds.

A blockchain rollback reverses a series of confirmed transactions. It is typically done to undo the effects of a hack or other malicious activity that resulted in the theft of funds or other assets.

UPDATE (March 27, 07:01 UTC): Updates headline and adds Munchables statement.

Web3HackEtherETHExploitNorth Korea

More For You

Pudgy Penguins: A New Blueprint for Tokenized Culture

By CoinDesk Research
Dec 30, 2025
logo
Commissioned byPudgy Penguins
Pudgy Title Image

Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.

What to know:

Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.

The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.

View Full Report

More For You

MegaETH mainnet to go live Feb. 9 in major test of ‘real-time’ Ethereum scaling

By Margaux Nijkerk, AI Boost|Edited by Nikhilesh De
8 hours ago
(MegaLabs)

This follows its October 2025 $450 million token sale that was heavily oversubscribed.

What to know:

  • MegaETH, the much-watched high-performance Ethereum layer-2 network, announced that its public mainnet will go live Feb. 9, marking a major milestone for a project that has gained a lot of attention in the scaling landscape.
  • MegaETH positions itself as a “real-time” blockchain for Ethereum, designed to deliver ultra-low latency and massive transaction throughput.
Read full story