Seedify’s SFUND Implodes 99%: DPRK Hackers Exploit Critical Bridge Flaw in Devastating Attack

Digital heist rocks crypto ecosystem as North Korean-linked hackers drain millions through blockchain vulnerability.

The Anatomy of a Bridge Exploit

Attackers bypassed security protocols using sophisticated bridge manipulation techniques. The exploit targeted cross-chain transaction validation mechanisms, leaving SFUND's infrastructure exposed. Security audits missed the critical flaw that allowed unauthorized fund transfers.

Market Carnage Unfolds

SFUND's 99% collapse triggered panic selling across gaming token sectors. Liquidity pools evaporated within hours as automated trading algorithms amplified the downward spiral. The token's catastrophic drop represents one of crypto's most dramatic single-day collapses.

Regulatory Fallout Looms

International watchdogs scramble to coordinate response protocols. The DPRK connection raises geopolitical stakes, potentially triggering unprecedented cross-border financial investigations. Another reminder that in crypto, your 'security' often just means being the slowest gazelle in the herd.

In a public plea posted to X, Aydan appealed directly to Binance founder Changpeng Zhao for help, citing more than $1.2 million in stolen assets tied to 64,000 affected holders on BNB Chain.

Hi @cz_binance a few hours ago our bridge/oft contract got hacked, and hackers transferred minted tokens onto many chains, including BNB, where they sold most of the $SFUND tokens.

Currently they hold more than $1.2M in BNBchain:
0x14181636dd5BC8C6b8b47F8D0fd1b1e351B84bE4

A lot…

Seedify’s response and what the exploit revealed

Roughly three hours after Aydan’s first acknowledgment of the breach, Seedify’s official X account issued a detailed statement. The team attributed the exploit to a DPRK state-affiliated group, saying the attackers gained control of a developer’s private keys.

According to the announcement, the breach occurred at approximately 12:05 UTC when hackers used the keys to unlock the bridge contract on Avalanche, allowing them to modify settings and mint unauthorized SFUND tokens. The team emphasized that the contract had previously passed an audit from a trusted firm, underscoring the unsettling nature of the vulnerability.

In a rapid containment effort, the Seedify team stated it coordinated with centralized exchanges to halt trading, blacklisted the attacker’s addresses across multiple chains, and revoked the compromised permissions. The update assured users that “there is no ongoing risk to liquidity on BNBChain anymore,” and that all cross-chain bridges have been temporarily disabled.

Notably, the post concluded with a commitment to persevere.

“Since 2021, Seedify has been a home for builders and everyone dedicated to creating value in the Web3 ecosystem, through both bull and bear,” the team said. “This unfortunate event won’t stop us, it only ignited our team to build better and bigger from here.”

The severity of the exploit pushed Aydan to go beyond formal updates. In a post on X, he offered blockchain sleuth ZachXBT a bounty if he could track down the attackers and help recover stolen funds.

@zachxbt if you could find us the hackers, and help us resolve this situation we WOULD love to give you a huge bounty for this.

You can dm me directly.

It is very urgent as they are moving the funds that they gotten from draining the liquidity pools, after minting from bridges