Sep 2025 - Seedify Fund Private Key OFT Contract Compromised Minting - $1.7m (Global)
Seedify.Fund is a prominent Web3 incubator and launchpad dedicated to fostering innovation in the blockchain space. Founded in 2021, its mission is to support and empower early-stage Web3 projects by providing funding, resources, and guidance to developers and entrepreneurs. Seedify focuses on projects related to DeFi, AI, NFTs, Big Data, and Web3 Gaming. Through decentralized mechanisms such as a DAO (Decentralized Autonomous Organization), the platform allows its community to vote on which projects receive funding, ensuring that the process is community-driven and transparent.
A unique aspect of Seedify is its staking system, which offers users the opportunity to stake $SFUND tokens. This allows participants early access to purchase project tokens and become more deeply involved in the projects they support. Stakers also benefit from a variety of reward programs, including token rewards from incubated projects and liquidity mining for those who support the platform’s market activities. By fostering an ecosystem where both investors and innovators can collaborate, Seedify aims to unlock new growth opportunities for Web3 projects.
Beyond funding, Seedify offers a comprehensive incubator designed to help projects reach their full potential. The platform’s decentralized incubator provides expertise in various critical areas such as user experience, marketing, tokenomics, branding, and development. This holistic support system aims to ensure that projects not only get off the ground but also succeed in a competitive and rapidly evolving market. Seedify’s commitment to a decentralized, community-driven approach makes it a standout player in the Web3 ecosystem, providing significant opportunities for both project developers and token holders.
Unfortunately, one of the developers of the Seedify project who held access to a critical private key related to the deployment was not fully satisfied with their job and not well researched on the infected interview tactics often employed by North Korean actors.
The hacker address appears to be connected with other contagious interview attacks. It is likely that an agent of North Korea was able to trick one of the workers at Seedify Fund into running malware as a part of a job interview process, which enabled them to compromise the private key.
Losses were reported by SlowMist as $1.7m USD.
The founder was online with an announcement and a plan within a few hours of the exploit.
"Our community, many people outside of our community, friends with influence, exchanges, chains, cybersecurity teams, and even @cz_binance himself came for support after the events."
Despite having already passed audits by one of the most reputable security firms in the industry, the recent security incident has highlighted the need for even stronger measures. As a result, the platform has committed to significantly enhancing its security protocols to ensure the safety of user funds and assets moving forward.
The immediate steps include implementing triple audits for all new smart contracts, such as those related to new tokens, staking, and farming. These contracts will be reviewed by at least three independent security firms to provide additional assurance. Additionally, the platform will conduct a full audit of its permissionless launchpad, covering both frontend and backend infrastructure, with the results being made public before the system is relaunched.
While the hack was damaging, it served as a catalyst for positive change, leading to the launch of the Phoenix Raise—a fresh start for the platform. The goal is to replace the compromised token with a more secure one, rebuild liquidity, strengthen security protocols, and usher Seedify into a new era of permissionless growth. The Phoenix Raise will also ensure that affected community members are compensated and provide a transparent approach to moving forward.
As part of the recovery process, Seedify is implementing a seamless token migration for holders, including those on BNB Chain and centralized exchanges, with compensation and support for staked tokens and farming positions. The new SFUND token will be launched, and liquidity will remain open until migration is complete. Seedify is working closely with exchanges to ensure the migration is smooth and is also enhancing its security measures through multi-audits and bug bounty programs to prevent future incidents. Importantly, there will be no vesting requirements for migration or compensation tokens, and the conversion ratio for old to new SFUND will be 1:1.
While the hack was a setback, Seedify remains committed to its community. The platform's resilience is evident as it continues to offer rewards, farming tiers, and staking benefits unchanged after the migration. The focus is on ensuring security, providing transparent updates, and rebuilding the platform stronger than before, with all audit results and security details shared publicly.
Seedify has announced they will be replacing tokens purchased prior to the hack on affected chains.
The Seedify Fund homepage is still displaying the SFUND migration page for users to continue the migration to the new token.
To further reinforce security, the platform is introducing a bounty program that offers public incentives for users to report vulnerabilities, similar to the SAFU-style initiatives seen in other platforms. Finally, a dedicated security page will be launched on the website, where audit results and ongoing security status updates will be publicly accessible, providing transparency and peace of mind to users.
Further Analysis
Seedify.Fund, a Web3 incubator and launchpad, suffered a security breach after a developer was tricked into running malware, likely by a North Korean actor, compromising critical private keys and causing a $1.7 million loss. In response, Seedify launched the "Phoenix Raise" to replace the compromised token, rebuild liquidity, and compensate affected users. The platform is strengthening its security measures with triple audits for new smart contracts, a bug bounty program, and a public security page. Additionally, Seedify is ensuring a smooth token migration, with a 1:1 conversion ratio for old SFUND tokens and no vesting requirements, while maintaining rewards and staking benefits for the community.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
Corepound AI Yield Aggregator on Core Blockchain Rug Pull > > < < UXLINK MultiSig Wallet Single Owner Vulnerability Exploited
Sources/Further Reading
Seedify Fund - "Today at approximately 12:05 UTC, a DPRK state-affiliated group known for many hacks in Web3 gained access to one of our developer’s private keys. Using these, they were able to mint a large amount of SFUND tokens through a bridge contract that had previously passed audit." - Twitter/X (Dec 31)
Ownership transfer from OFT contract owner to malicious entity - BaseScan (Dec 31)
ETH hacked funds - EtherScan (Dec 31)
Address: 0x14181636...351b84be4 | BscScan (Dec 31)
ZachXBT - "The Seedify theft addresses are tied onchain to past Contagious Interview incidents (DPRK)." - Twitter/X (Dec 31)
Seedify Fund - "BNB Chain, Centralized Exchanges. All tokens bought on BNB & CEXs (at any time) will migrate 1:1 into the new token. For other chains, migration and compensation will be based on a pre-hack snapshot." - Twitter/X (Dec 31)
Meta Alchemist - "PLAN: The Phoenix Raise. Yesterday, our community and team experienced their hardest day through a hack by DPRK." - Twitter/X (Dec 31)
Seedify Fund - Community Questions: Migration & The Phoenix Raise - Twitter/X (Dec 31)
Tanuki - Link Between Serenity Shield Hacker and SFUND Hacker - Twitter/X (Dec 31)
Meta Alchemist - "A drain bridge hack just happened on one of our $SFUND bridges. We are investigating the issue. We had audits on all these contracts, and been running the same bridge contracts for over 3 years." - Twitter/X (Dec 31)
Seedify Fund Twitter/X Account (Dec 31)
Seedify Fund Homepage (Dec 31)
Introduction to Seedify.fund - Medium (Dec 31)
Meta Alchemist, Founder Of Seedify Fund, Twitter/X Account (Dec 31)
Seedify Fund - Security Update: What’s Safe, What’s Next, and Our Transparency Commitment - Twitter/X (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|