A set of NFT collections tied to Matt Furie, the creator of the Pepe meme, and the ChainSaw studio have been hit by a string of contract hijacks that led to more than $1 million being stolen. Attackers took control of mint contracts, drained revenue, and issued new tokens, wiping out value and leaving collectors stunned. Many fans were shocked to see the Pepe creator’s NFT projects targeted by attackers with deep access to mint functions.
The theft wasn’t a one-time hit. It unfolded in stages, across multiple days and multiple collections, suggesting careful planning and a deep understanding of how the projects were structured. The fact that the attackers gained control from inside the contract level has triggered serious concerns across the NFT community.
How the Attack Played Out
It began in the early hours of June 18 when the Replicandy mint contract, part of ChainSaw’s ecosystem, was taken over. Ownership was quietly transferred to a new address. That gave the attacker full control. They emptied the mint funds and then reopened the contract to create new tokens. These were pushed out rapidly, flooding the market and crashing prices.
1/ Multiple projects tied to Pepe creator Matt Furie & ChainSaw as well as another project Favrr were exploited in the past week which resulted in ~$1M stolen
My analysis links both attacks to the same cluster of DPRK IT workers who were likely accidentally hired as developers. pic.twitter.com/85JRm5kLQO
— ZachXBT (@zachxbt) June 27, 2025
Just days later, the same playbook was used on three other ChainSaw-connected collections: Peplicator, Hedz, and Zogz. The total value drained was estimated at over $300,000 at that point, but tracking showed it didn’t stop there. The attacker moved the stolen funds through different wallets before cashing out through the MEXC exchange, all while staying several steps ahead of observers.
On-chain researchers, including ZachXBT, tied the activity to wallets that had interacted with earlier contract exploits. Their analysis showed the process was not just opportunistic but systematic.
DISCOVER: 9+ Best High-Risk, High-Reward Crypto to Buy in June2025
Suspicion Falls on Freelance Code Hires
Things took another turn when investigators uncovered GitHub profiles linked to developers who appeared to be based in the U.S. but were using tools and settings associated with North Korea. VPN data and regional preferences raised red flags. The suspicion is that some of the contract access may have come from developers hired through open platforms, given control over sensitive systems without a full vetting process.
In a separate but similar incident, a newer NFT project called Favrr lost $680,000 under almost identical conditions. Their CTO vanished, and funds from the attack followed the same laundering pattern. This has fueled concern because people believe multiple projects may have been compromised through the same outsourcing channels.
DISCOVER: Next 1000X Crypto: 10+ Crypto Tokens That Can Hit 1000x in 2025
Aftermath and Silence
The Favrr team announced they would refund users and conduct a full review of their contract architecture. ChainSaw and Matt Furie have taken a different approach. They shut down public chat channels, removed contact forms, and left collectors guessing what, if anything, will be done.
The floor prices of affected collections have collapsed. While some owners are hoping for a recovery plan, others have started writing off the tokens as a total loss.
What It Says About NFT Security
This incident highlights a bigger problem in the NFT space. Too many projects depend on external developers without the right security checks. Mint contracts are powerful tools. Once someone gets access, they can change the rules, unlock funds, and create or destroy value in minutes.
Now, collectors are asking more questions before jumping into new drops. Who controls the contracts? How is code reviewed? What kind of security is in place?
Without clear answers, this may not be the last time an entire community watches its assets vanish overnight.
DISCOVER: 20+ Next Crypto to Explode in 2025
Join The 99Bitcoins News Discord Here For The Latest Market Updates
Key Takeaways
- Hackers stole over $1 million from Pepe NFT projects by hijacking smart contracts tied to ChainSaw studio and Matt Furie.
- The attacks targeted multiple collections, draining funds and minting new tokens to crash floor prices across projects like Peplicator and Hedz.
- Evidence suggests the breach came through freelance developers, with suspicious ties to North Korea and poor internal security practices.
- A related exploit hit the Favrr NFT project for $680,000, following the same laundering path, raising fears of a broader vulnerability.
- This highlights a growing risk in the NFT space, where project teams give unvetted contractors access to mint-level permissions without sufficient safeguards.
The post $1 Million Drained From Pepe NFT Projects in Coordinated Contract Hijack appeared first on 99Bitcoins.
