2025-09-24
Seedify
Today, a DPRK state-affiliated group access to one of our developer’s private keys
#Seedify
Seedify
#Seedify
- Reported: 2025-09
- Locations: Seychelles
- Motivations: #FinancialGain
- Sectors: #Cryptocurrency
Summary
On October 1, 2025, a DPRK-linked hacking group compromised a developer’s private key at Seedify, enabling them to exploit the OFT bridge contract on Avalanche—despite it having passed audit—and mint a large number of unauthorized SFUND tokens. These tokens were bridged to Ethereum, Arbitrum, and Base, where the attacker drained liquidity pools, before transferring the maximum possible amount to BNB Chain and selling them prior to containment. While the breach was limited to minting privileges and did not affect core contracts, user wallets, or the protocol itself, Seedify has paused all bridges, coordinated with exchanges to halt trading, blacklisted attacker addresses, and pledged a full security review with auditors.