ZachXBT Joins as Custodian for Multisig Wallet Holding Munchables’ Hacked Funds

cryptonews.com:

In a recent development, renowned blockchain investigator ZachXBT has been appointed one of four custodians for a multisig wallet holding the hacked user funds of the GameFi protocol Munchables.

We’re on the final steps with the lockdrop refunds.

As part of our next phase, we have restructured the team completely.

We have brought in established and trusted entities to help upgrade the security of the project's funds and smart contracts.

— Munchables (@_munchables_) April 1, 2024

Announced on April 1 by Munchables developers, ZachXBT will serve as the fourth signer on the multisig wallet, alongside existing custodians Manifold Trading, Selini Capital, and Munchables themselves.

The involvement of ZachXBT, known for his expertise in tracing blockchain transactions and identifying potential security vulnerabilities, adds a layer of trust and expertise to the funds’ custodianship.

Following a significant security breach that resulted in nearly $63 million being lost and later recovered, the nonfungible token (NFT) game Munchables has outlined a comprehensive plan to prevent such incidents in the future.

The exploit, which occurred on March 26, involved a rogue in-house developer known as “Werewolves0493,” who compromised the game’s private wallets on the Ethereum layer-2 network Blast. After an analysis by ZachXBT, it was revealed that the exploiter was impersonating multiple developers within the Munchables team.

Four different devs hired by the Munchables team and linked to the exploiter are likely all the same person as they:

>recommended each other for the job
>regularly transferred payments to the same two exchange deposit addresses >funded each others wallets

Github Username… https://t.co/Q0scxp6AxK pic.twitter.com/Pjjo4uKXPE

—