USDMask Network Founder Suji Yan Loses $4 Million in Sophisticated Crypto Heist
Cybersecurity Firm Flags Suspicious Outflows Linked to Suji Yan’s Wallet
Cybersecurity firm Cyvers detected an alarming breach in a wallet linked to Mask Network founder Suji Yan on February 27, 2025, leading to the loss of nearly $4 million in digital assets.
Blockchain monitoring platform lmk.fun (formerly Scopescan) revealed that the stolen funds were swiftly converted into Ethereum (ETH) before being dispersed across seven separate wallets. The entire incident unfolded over 11 minutes, with transactions executed manually, pointing to a targeted and calculated attack rather than an automated smart contract exploit.
According to Cyvers, the compromised assets included 113 ETH worth approximately $265,000, 923 Wrapped ETH (WETH), 301 ezETH, 156 weETH, 90 pufET, 48,400 MASK tokens, 50,000 USDT, and 15 swETH. Following the attack, the hacker consolidated the stolen funds into 1,690.17 ETH, spreading them across multiple addresses. The methodical nature of the transactions suggests the attacker had direct access to Yan’s wallet, raising speculation about whether the breach occurred online or through an offline exploit.
Yan disclosed that the attack took place during his 29th birthday party, fueling concerns that his private key may have been compromised when his phone was left unattended. While he expressed trust in those present, he acknowledged the disturbing reality of such an incident.
Blockchain security experts, including SlowMist and independent investigator ZachXBT, have been enlisted to trace the stolen funds. Given the manual execution of transactions, analysts are exploring whether an in-person compromise led to the breach or if the private key had been exposed digitally beforehand.
The security lapse has raised concerns within the Web3 community, with Cyvers’ Co-founder & CTO Meir Dolev warning that the incident highlights the growing sophistication of cybercriminals in the decentralized finance space. Mask Network’s native token, MASK, had already been on a downward trend, plummeting nearly 50% in the past three months. The heist could further shake investor confidence, potentially exacerbating its decline.
This breach follows a series of high-profile crypto hacks, including the $1.4 billion Bybit exploit on February 21, allegedly tied to North Korea’s Lazarus Group, and the Pump.fun social media breach on February 26, which exposed vulnerabilities in the Web3 ecosystem. The increasing frequency of attacks against high-profile figures and exchanges underscores the mounting threats in the cryptocurrency industry.
Yan has reported the incident to law enforcement, and security firms are tracking the movement of stolen ETH to identify any potential off-ramps used for laundering. Mask Network has yet to release an official statement confirming or detailing the breach, leaving the broader crypto community awaiting further updates on what could be one of the most high-profile personal wallet compromises of the year.
This article has been refined and enhanced by ChatGPT.
