Axie Infinity, the favored play-to-earn nonfungible token recreation, confronted one other assault on its Discord server earlier on Wednesday, resulting in a compromise of its MEE6 bot.
MEE6 is a well-liked discord bot primarily used for automating roles and messages and is utilized by quite a few crypto tasks. The attackers used the compromised bot so as to add permissions to a fake Jiho account, and later issued a fake announcement concerning a mint.
The builders managed to take away the compromised MEE6 bot from the primary server and deleted the fake messages as properly. Nevertheless, the official Twitter account of the undertaking warned that many customers may nonetheless see the fake message till they restart their Discord.
2/ The bulletins have been deleted however some customers should see the message till they restart their Discord.
Now we have eliminated the Mee6 bot from the server and can by no means do a shock mint.
— Axie Infinity (@AxieInfinity) May 18, 2022
The builders additionally claimed that the compromise of MEE6 is just not a brand new phenomenon and lots of tasks have confronted comparable points. Nevertheless, the official MEE6 Discord help channel denied allegations of a hack and claimed they’ve verified with their engineers and did not see any uncommon exercise.
Many imagine that the hackers compromised the admin accounts first after which obtained entry to the alternate admin account utilizing MEE6. This helped them to ship out webbook messages whereas hiding the compromised administrator account.
Associated: The aftermath of Axie Infinity’s $650M Ronin Bridge hack
The Discord bot compromise comes inside a month of one of many largest heists on Axie Infinity’s Ronin bridge leading to a lack of over $600 million value of crypto belongings. The current slew of safety breaches has introduced down the arrogance of the group within the recreation, which was as soon as seen as a revolutionary undertaking for the gaming world.