Last updated:
| 2 min read
In a recent development, renowned blockchain investigator ZachXBT has been appointed one of four custodians for a multisig wallet holding the hacked user funds of the GameFi protocol Munchables.
We’re on the final steps with the lockdrop refunds.
As part of our next phase, we have restructured the team completely.
We have brought in established and trusted entities to help upgrade the security of the project’s funds and smart contracts.
— Munchables (@_munchables_) April 1, 2024
Announced on April 1 by Munchables developers, ZachXBT will serve as the fourth signer on the multisig wallet, alongside existing custodians Manifold Trading, Selini Capital, and Munchables themselves.
The involvement of ZachXBT, known for his expertise in tracing blockchain transactions and identifying potential security vulnerabilities, adds a layer of trust and expertise to the funds’ custodianship.
Munchables Implements Enhanced Security Measures After $63 Million Exploit
Following a significant security breach that resulted in nearly $63 million being lost and later recovered, the nonfungible token (NFT) game Munchables has outlined a comprehensive plan to prevent such incidents in the future.
The exploit, which occurred on March 26, involved a rogue in-house developer known as “Werewolves0493,” who compromised the game’s private wallets on the Ethereum layer-2 network Blast. After an analysis by ZachXBT, it was revealed that the exploiter was impersonating multiple developers within the Munchables team.
Four different devs hired by the Munchables team and linked to the exploiter are likely all the same person as they:
>recommended each other for the job
>regularly transferred payments to the same two exchange deposit addresses >funded each others walletsGithub Username… https://t.co/Q0scxp6AxK pic.twitter.com/Pjjo4uKXPE
— ZachXBT (@zachxbt) March 27, 2024
Fortunately, the situation was de-escalated when the developer returned the stolen funds without demanding a ransom. However, Munchables is taking proactive steps to enhance its security measures and also to return the hacked users funds.
One key strategy is adding new multisignature signers, including investment firm Manifold Trading, market maker Selini Capital, and blockchain investigator ZachXBT. These signers will ensure the safe return of users’ funds and oversee the project’s security upgrades.
Moreover, @ZachXBT will be joining as the 4th signer on the multisig at this stage, completing the safe return of user funds.
We will also be onboarding @NethermindEth to audit all our refreshed contracts before going live again.
— Munchables (@_munchables_) April 1, 2024
Furthermore, Munchables developers from Manifold Trading and Selini Capital will conduct reaudits and upgrade to new contracts, in addition to overseeing the hiring process for developers in the future. The Ethereum infrastructure firm Nethermind will also thoroughly audit the refreshed contracts before Munchables resumes operations.
ZachXBT confirmed his temporary role as a multisig signer in response to his nomination and expressed support for the team’s approach to rotating signers as needed for security purposes.
confirming I will be temporarily joining the multisig as a signer for the initial period.
— ZachXBT (@zachxbt) April 1, 2024
Munchables Relaunches with Enhanced Rewards and Financial Support for Recovery Efforts
As Munchables prepares for its relaunch following a significant security breach, the platform has announced several initiatives to incentivize returning gamers and support entities involved in the recovery process.
Returning gamers will be eligible for higher rewards in the game, with developers teasing “massive multiples on game rewards” for depositors who return. Additionally, the platform has pledged financial support to those involved in the recovery process, stating, “We will send ETH and future MUNCH donations to those who were involved in keeping our users safe.”
Finally, we will send ETH and future MUNCH donations to those who were involved in the recovery process of keeping our users safe.
— Munchables (@_munchables_) April 1, 2024
Furthermore, custodians and users who helped thwart the attack will receive ETH and future MUNCH donations for their assistance in asset recovery.
In addition to these initiatives, Munchables plans to re-release with NFT migration plans and additional features that will be revealed soon. The platform aims to enhance user experience and ensure a secure environment for its community of gamers.
In expressing their appreciation, the company quoted Confucius, emphasizing the value of seizing opportunities and making the most of life’s experiences: “We have two lives to munch, and the second begins when we realize we only have one.”
As a precaution, Munchables has warned users against interacting with websites claiming to offer refunds, as the company will directly send refunds to users’ wallets. This proactive approach aims to ensure a smooth and secure transition for users as they return to the platform.
Read the full article here