Axie Infinity, the popular play-to-earn game with non-fungible tokens, faced another attack on its Discord server earlier Wednesday, resulting in a compromise of its MEE6 bot.
MEE6 is a popular Discord bot mainly used to automate roles and messages and is used by numerous crypto projects. The attackers used the compromised bot to add permissions to a fake Jiho account and later issued a fake announcement regarding a coin.
The developers managed to remove the compromised MEE6 bot from the main server and also deleted the fake messages. However, the project’s official Twitter account warned that many users may still see the fake message until they restart their Discord.
2/ The announcements have been deleted but some users may still see the message until they restart their discord.
We have removed the Mee6 bot from the server and will never do a surprise mint.
— Axie Infinity (@AxieInfinity) May 18, 2022
The developers also claimed that the MEE6 compromise is not a new phenomenon and many projects faced similar problems. However, MEE6 Discord’s official support channel denied allegations of a hack, claiming they verified with their engineers and did not detect any unusual activity.
Many believe that the hackers compromised the admin accounts first and then got access to the alternate admin account using MEE6. This helped them to send webbook messages while hiding the compromised administrator account.
See Also: The Aftermath of Axie Infinity’s $650M Ronin Bridge Hack
The Discord bot compromise comes within a month of one of the largest heists on Axie Infinity’s Ronin Bridge, which resulted in the loss of over $600 million in crypto assets. The recent spate of security breaches has shaken the community’s trust in the game, which was once seen as a revolutionary project for the gaming world.
https://cointelegraph.com/news/axie-infinity-s-discord-bot-compromised-hackers-issue-fake-minting-message Axie Infinity’s Discord bot has been compromised, hackers issue a fake minted message