Pepe NFT Creator’s Projects Drained of $1M in Contract Hijacking Heist
Another day, another crypto heist—only this time, it’s meme NFTs in the crosshairs.
Hackers bypass security, drain $1M from Pepe creator’s collections
Smart contracts weren’t so smart after all. Attackers exploited a vulnerability, siphoning funds from multiple NFT projects tied to the iconic Pepe meme. The hijack serves as a brutal reminder: in crypto, even internet-famous frogs aren’t safe from rug pulls.
Meanwhile, traditional finance bros clutch their pearls—as if Wall Street’s never seen a million vanish before lunch.
Favrr exploit follows the same payroll path
A second incident surfaced on June 25, when the freelance services token project Favrr lost more than $680,000 following its listing on a DEX. On-chain analysis linked the exploit to the consolidation wallet 0x477, which received recurring payments from Favrr payroll addresses 0x1708 and 0x6412.
Gate.io deposit address 0xab7 received part of the stolen Favrr tokens, and was previously funded by the suspected developer behind “sujitb2114”.
Favrr announced that it WOULD refund all initial decentralized offering participants, cancel its MEXC listing, and initiate a thorough audit of its codebase. The project added that it will publish a new launch timeline “in the coming weeks” and advised users to avoid trading impostor tokens in the interim.
ZachXBT reported that Favrr’s chief technology officer, listed as Alex Hong, deleted his LinkedIn profile after the exploit. Attempts to verify his work history with previous employers were unsuccessful.
The investigator plans to release aggregate data on payroll flows to wallets tied to the same North Korean cluster, contending that basic due diligence checks would have flagged the hires.
The stolen funds from the ChainSaw collections remain idle, while most Favrr proceeds have already passed through Gate.io and several nested services.
ZachXBT said he has not reached the teams because their direct message channels are closed, and official Telegram or Discord rooms do not provide contact options.
The incidents bring renewed attention to the risks of “shadow hiring” in crypto projects that outsource development through gig-work platforms.
Investigators continue to follow the on-chain trails, and affected communities await formal statements from Furie, ChainSaw, and Favrr.
