According to onchain investigator and cybersecurity analyst ZackXBT, the attackers pushed out mass batches of NFTs, drove floor prices to zero, then cashed in their haul before teams could react.
Based on reports, the group quietly joined development squads under false identities. They gained insider access to minting contracts. Then they minted thousands of tokens and NFTs in moments.
The sudden flood crushed floor prices and let the thieves grab hot cash in minutes. It all unfolded in under a week, and about $1 million vanished from these projects’ treasuries.
1/ Multiple projects tied to Pepe creator Matt Furie & ChainSaw as well as another project Favrr were exploited in the past week which resulted in ~$1M stolen
ChainSaw’s stolen crypto still sits inactive in wallets, waiting for launderers to stir it back into exchanges. ZackXBT pointed out that nested services then further obscured the money trail.
4/ In total I estimate $310K+ from their projects was stolen and transferred primarily between the three address below.
Onchain transfers moved funds through multiple exchanges and wallets. Analysts say tracing mixed outputs can take weeks. Exchanges must review huge logs.
That slows or even blocks law enforcement from locking down accounts. In the Coinbase data leak back in May 2025, about 69,461 customers had personal info exposed.
Contractors were bribed to hand over user data, leading to an extortion bid against the exchange.
Security experts warn teams to rethink trust models. Zero‑trust approaches limit each engineer’s reach. Multi‑party approval gates could block sudden minting spikes.
Real‑time activity monitors can flag odd behavior right away. And code reviews paired with identity checks for every new hire help close gaps before they’re abused.
Featured image from Vecteezy, chart from TradingView
