Seedify Suffers $1.2M Hack Linked to North Korean Group

Seedify Fund, a Web3 gaming incubator, has fallen victim to a sophisticated cyberattack, resulting in the theft of $1.2 million. The attack, attributed to a North Korean state-affiliated hacking group, targeted Seedify's token bridge infrastructure, severely impacting the platform's native token, SFUND.

Attack Details

The breach occurred on Tuesday, focusing on Seedify's cross-chain bridge on the BNB Chain. Hackers were able to mint unauthorized tokens and subsequently drain liquidity pools across multiple networks, including Ethereum, Arbitrum, and Base. The stolen funds were then converted on the BNB Chain.

Blockchain investigator ZachXBT linked the attack to a known North Korean campaign called "Contagious Interview," which has reportedly victimized over 230 entities between January and March alone.

SFUND Token Price Crash

The SFUND token experienced a significant price drop following the hack, plummeting nearly 35% in the last 24 hours. It now trades around $0.28, down from $0.42 before the incident was reported.

Compromised Developer Key

Hakan Unal of Cyvers explained that the hack originated from a compromised developer key, which allowed the attackers to mint unauthorized SFUND tokens via a vulnerable bridge contract. Seedify confirmed that the contract should not have allowed token minting without proper bridging transactions.

Industry Response

The crypto community swiftly responded to the attack. Binance founder Changpeng Zhao (CZ) reported that security experts helped freeze $200,000 at the HTX exchange. However, the remaining funds appear to remain on-chain.

Key Takeaways:

• North Korean hackers continue to target the DeFi sector.
• Compromised developer keys are a major security risk.
• Cross-chain bridges remain a vulnerable point in blockchain infrastructure.
• On-chain monitoring and multi-signature approvals are crucial for security.
• SFUND token holders have been significantly impacted.

Growing Threat

A recent Cisco Talos report highlights North Korean groups are refining their attacks with new malware, such as "PylangGhost," targeting crypto professionals through fake job postings. DPRK-related losses in 2024 totaled $1.3 billion, and based on recent reports, 2025 is shaping up to be even more successful for these threat actors.