Axie Infinity, the favored play-to-earn nonfungible token sport, confronted one other assault on its Discord server earlier on Wednesday, resulting in a compromise of its MEE6 bot.
MEE6 is a well-liked discord bot primarily used for automating roles and messages and is utilized by quite a few crypto tasks. The attackers used the compromised bot so as to add permissions to a pretend Jiho account, and later issued a pretend announcement concerning a mint.
The builders managed to take away the compromised MEE6 bot from the primary server and deleted the pretend messages as nicely. However, the official Twitter account of the undertaking warned that many customers would possibly nonetheless see the pretend message till they restart their Discord.
2/ The bulletins have been deleted however some customers should still see the message till they restart their Discord.
We have eliminated the Mee6 bot from the server and can by no means do a shock mint.
— Axie Infinity (@AxieInfinity) May 18, 2022
The builders additionally claimed that the compromise of MEE6 isn’t a brand new phenomenon and lots of tasks have confronted comparable points. However, the official MEE6 Discord assist channel denied allegations of a hack and claimed they’ve verified with their engineers and did not see any uncommon exercise.
Many consider that the hackers compromised the admin accounts first after which bought entry to the alternate admin account utilizing MEE6. This helped them to ship out webbook messages whereas hiding the compromised administrator account.
Related: The aftermath of Axie Infinity’s $650M Ronin Bridge hack
The Discord bot compromise comes inside a month of one of many largest heists on Axie Infinity’s Ronin bridge leading to a lack of over $600 million price of crypto property. The latest slew of safety breaches has introduced down the arrogance of the neighborhood within the sport, which was as soon as seen as a revolutionary undertaking for the gaming world.