Suji Yan, the Mask Network founder, suffered a major security breach on February 27, 2025, when around $4 million worth of different cryptocurrencies were stolen.
In a social media post, the Onchain cybersecurity platform Cyvers first identified this incident by detecting suspicious outflows from an address belonging to Yan.
As per the data revealed by Cyvers, the stolen funds included a wide variety of tokens, such as 113 Ether (ETH), 923 Wrapped Ether (WETH), 301 ezETH, 156 weETH, 90 pufET, 48,400 MASK tokens, 50,000 Tether (USDT), and 15 swETH.
The stolen money was promptly converted to Ethereum following the original attack. Later, the money was divided into six different wallet addresses, one of which ended in “df7,” to hide the transaction trace and complicate recovery.
Suji Yan addressed the breach on social media, revealing that the hack coincided with his 29th birthday celebration. He speculated that an offline attack would have been possible since the breach might have happened when his phone was left unattended during the event.
Yan has contacted blockchain security company SlowMist and on-chain analyst ZachXBT to help with the investigation. He is also working with authorities and agencies and he would not comment further until experts come forward with their findings.
Yan described his distress over the incident, commenting on the deep effect such breaches can have on people in the crypto community.
This incident contributes to a line of recent high-profile security breaches in the crypto space. Significantly, North Korea’s Lazarus Group was found to be responsible for the massive breach that occurred on the Bybit exchange, which resulted in a $1.5 billion loss.
These instances highlight the growing complexity of cyber threats in the Web3 ecosystem, emphasizing the need for improved security controls, live transaction tracking, and rapid incident response methods to protect digital assets.
