SFUND Exploit: Bridge Hack Rocks Seedify

Seedify’s $SFUND token suffered a major exploit earlier today, triggering one of the sharpest crashes in its history.

A bridge powered by LayerZero was compromised, allowing an attacker to mint millions of tokens that were quickly dumped on-chain.

The Exploit Unfolds

The attacker created a custom token on Polygon and abused bridge functions to mint roughly 8.8 million SFUND on Base. These tokens were then bridged to BNB Chain and offloaded on PancakeSwap. Liquidity drained fast, with the attacker unloading funds in multiple chunks: 300 BNB, 250 BNB, and 200 BNB.

Price collapsed from $0.43 to near zero in minutes , a 99% drop. It has since bounced back slightly, trading around $0.2 at press time (CoinMarketCap). Volume spiked above $20 million in the past 24 hours, with BSC and Base liquidity pools taking the hardest hit.

What Seedify Says

Seedify’s founder described the incident as a “bridge drain hack”, clarifying that it did not involve the core $SFUND contract. The token’s main smart contracts have been running for three years without issues.

The team is now working with LayerZero, auditors, investigators, and onchain trackers to trace the exploit. Early speculation suggested insider links, but no evidence supports this so far.

It confirmed the breach came from compromised developer keys. A DPRK state-affiliated group gained access and modified the OFT contract. This allowed unauthorized minting of tokens on Avalanche that should not have been possible under normal bridge rules.

Attack Path

•  Tokens minted via Avalanche’s OFT contract
•  Bridged to Ethereum, Arbitrum, and Base
•  Liquidity pools drained on multiple chains
•  Funds funneled to BNB Chain
•  Dumped on PancakeSwap before Seedify contained the breach

Once detected, Seedify halted trading on centralized exchanges, blacklisted exploit addresses, and paused all bridges.

ZachXBT Confirms

Blockchain sleuth @zachxbt connected the exploit addresses to North Korean hackers, a group with a history of targeting DeFi bridges and cross-chain infrastructure.

What Users Should Do

Seedify issued urgent advice for the community:

•  Avoid all $SFUND bridges until further notice
•  Revoke any approvals tied to bridge contracts
•  Follow official Seedify channels for updates

The team stressed that core contracts, user wallets, the Seedify website, and protocol infrastructure remain unaffected. The breach was isolated to compromised bridge permissions.

Damage Control

Seedify is taking several steps to contain fallout:

•  Coordinated with exchanges to halt $SFUND trading
•  Blacklisted attacker wallets across multiple chains
•  Revoked compromised contract permissions
•  Paused all cross-chain bridges

They are also reviewing all infrastructure with external security experts. Despite passing prior audits, the OFT contract had vulnerabilities that enabled the exploit.

$SFUND’s collapse sent shockwaves across DeFi. Liquidity pools on BSC and Base are nearly drained, leaving little stability for the token’s price. On CoinMarketCap, SFUND shows near-total value destruction, with daily trading volume fueled by panic and opportunistic traders.

Still, the core Seedify ecosystem remains intact, with the team vowing to restore confidence.

Seedify’s Message to the Community

In their statement, the Seedify team expressed regret:

“We deeply regret the impact of this incident and are committed to handling it with transparency. Since 2021, Seedify has been a home for builders in Web3. This won’t stop us , it only drives us to build better.”

They thanked the community, auditors, and security researchers helping to assess the breach. Special thanks were extended to @zachxbt and @zeroshadow_io for tracing how the hack was executed.

Bridge exploits have become one of the most common attack vectors in 2025. This incident highlights the fragile state of cross-chain infrastructure, where a single compromised wallet or overlooked permission can wipe out millions.

Seedify’s swift response may contain the damage, but the reputational hit is already heavy. For the wider DeFi sector, it’s another reminder that audits are not guarantees and that attack surfaces expand with every new bridge.

The SFUND exploit is a stark example of how fast DeFi value can vanish. From mint to dump, the entire hack unfolded within hours, leaving a once-stable token trading at fractions of a cent.

For now, the safest move is to stay away from SFUND bridges, revoke approvals, and monitor official channels. Seedify promises more updates as investigations continue.

This hack doesn’t mark the end of Seedify, but it does show that even trusted projects remain vulnerable in an industry still learning the hard way.

Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.

Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!