unchables, a Web3 platform built on the Blast blockchain, suffered a massive exploit on March 27th 2024 that drained approximately $62.5 million from its platform. According to reports, a former developer named Werewolves0493 who worked with the Munchables team manipulated a smart contract to transfer out all stored user funds before upgrades were pushed to the platform's contracts.
Tracing the Attacker
The attacker was linked to a notorious North Korean state-sponsored hacking group that has been accused of large-scale crypto thefts totaling $3 billion since 2017. The attacker went by the name Werewolves0493 on Github where they had contributed code to Munchables before turning rogue. This points to an inside job where the attacker exploits their knowledge of the platform for financial gains.
Calls for a Rollback
In the aftermath of the attack, there have been significant calls from the crypto community for Munchables to roll back the Blast blockchain before the theft occurred. A rollback would essentially 'rewind' the chain and invalidate the transactions that drained the funds. Proponents of a rollback argue it is necessary to recover user assets and maintain trust in the platform. However, rollbacks are also controversial as they undermine the immutability and decentralization principles of blockchains. Munchables is currently investigating options to make users whole again.
Concerns about Security and Hiring
The Munchables hack underscores broader issues around security vulnerabilities in smart contracts and the need for improved vetting of developer hires at blockchain companies. With such a vast amount of capital now flowing into the digital asset space, platforms face increasing incentives for malicious actors to find exploitable flaws. While innovations in cryptography and automated testing aim to make contracts more robust, oversight of who has access to develop and audit code is equally important to prevent economic sabotage from within. The community will be looking to Munchables for accountability and steps taken to bolster protections moving forward.
_%20500%20x%20288%20(15).webp)
