Axie Infinity’s Discord bot compromised, hackers issue fake minting message

Published at: May 18, 2022

Axie Infinity, the popular play-to-earn nonfungible token (NFT) game, faced another attack on its Discord server earlier on Wednesday, leading to a compromise of its MEE6 bot.

MEE6 is a popular discord bot mainly used for automating roles and messages and is used by numerous crypto projects. The attackers used the compromised bot to add permissions to a fake Jiho account and later issued a fake announcement regarding a mint.

The developers managed to remove the compromised MEE6 bot from the main server and deleted the fake messages as well. However, the official Twitter account of the project warned that many users might still see the fake message until they restart their Discord.

2/ The announcements have been deleted but some users may still see the message until they restart their Discord.We have removed the Mee6 bot from the server and will never do a surprise mint.

— Axie Infinity (@AxieInfinity) May 18, 2022

The developers also claimed that the compromise of MEE6 is not a new phenomenon and many projects have faced similar issues. However, the official MEE6 Discord support channel denied allegations of a hack and claimed they have verified with their engineers and didn’t see any unusual activity.

Many believe that the hackers compromised the admin accounts first and then got access to the alternate admin account using MEE6. This helped them to send out webbook messages while hiding the compromised administrator account.

Related: The aftermath of Axie Infinity’s $650M Ronin Bridge hack

The Discord bot compromise comes within a month of one of the biggest heists on Axie Infinity’s Ronin bridge, resulting in a loss of over $600 million worth of crypto assets. The recent slew of security breaches has brought down the confidence of the community in the game, which was once seen as a revolutionary project for the gaming world.

Tags
Nft
Bot
Related Posts
Battle-hardened Ronin bridge to Axie reopens following $600M hack
Sky Mavis, developers of the popular play-to-earn (P2E) nonfungible token (NFT) game Axie Infinity have announced that the Ronin bridge is back online three months after it was hacked for more than $600 million. The Ronin bridge is an Ethereum sidechain built for Axie Infinity, and it enables users to transfer assets between the sidechain and the Ethereum mainnet. On March 29, 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) was drained from the bridge after hackers managed to gain access to private validator keys. The hack was worth more than $620 million at the time. According to the …
Blockchain / June 29, 2022
Battle-hardened Ronin bridge reopens following $600M hack: Finance Redefined
Welcome to Finance Redefined, your weekly dose of key decentralized finance (DeFi) insights, a newsletter crafted to bring you some of the major developments over the last week. This past week, the DeFi ecosystem saw Axie Infinity’s Ronin bridge relaunch with a fully backed 1:1 Ether (ETH) nearly three months after the infamous $600 million hacks. MakerDAO plans to invest $500 million into United States Treasurys and bonds to weather the ongoing bear market. Polkadot (DOT) announced that they would transform their governance model to move towards complete decentralization. While decentralized autonomous organizations (DAOs) are seen as the future of …
Adoption / July 1, 2022
Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account
Digital artist and popular nonfungible token (NFT) creator Mike Winkelmann, more commonly known as Beeple, had his Twitter account hacked on Sunday as part of a phishing scam. Harry Denley, security analyst of MetaMask, alerted users that Beeple’s tweets at the time containing a link to a raffle of a Louis Vuitton NFT collaboration were, in fact, a phishing scam that would drain the crypto out of users’ wallets if clicked. ⚠️ Beeple's Twitter account has been compromised (ATO) to post a phishing website to steal funds. 0x7b69c4f2ACF77300025E49DbDbB65B068b2Fda7D 0xF305F6073CFa24f05FF15CA5b387DD91f871b983 pic.twitter.com/0MPNwOPlEu — harry.eth (whg.eth) (@sniko_) May 22, 2022 The scammers were …
Artists / May 23, 2022
Unsung hero saves DeFi protocol from potential exploit: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. The last week’s headline was dominated by some of the biggest hacks in DeFi. This week is redemption time for many DeFi protocols that either averted an attempted hack or got a significant chunk of their stolen funds back. The BitBTC bridge reportedly had a bug that would essentially allow an attacker to mint fake tokens on one side of the bridge and swap them for real ones. However, one Twitter user was able …
Nft / Oct. 21, 2022
Developers seek solutions for Web3-related scams from internet browsers
A big concern for users in decentralized finance (DeFi) involves the industry’s susceptibility to exploits. A report from Privacy Affairs revealed hackers stole $4.3 billion worth of cryptocurrency in the time period from January to November 2022 — a 37% increase from the previous year. Such exploits harm the integrity of companies and fuel skeptics from outside of the space in their case against cryptocurrencies. However, in a Feb. 2 announcement from Web3 Builders Inc., the company revealed a suite of tools to combat this issue. The initial browser extension TrustCheck was created to flag Web3-related scams before users continue …
Adoption / Feb. 2, 2023