Axie Infinity was the subject of another hack, this time using a discord bot.
Axie Infinity revealed on Twitter that the MEE6 bot on its Discord channel has been compromised. The MEE6 team has denied that its bot was attacked. The MEE6 bot is quite popular on Discord, and many servers use it to automate messages and other activities. According to Axie Infinity, the attackers hacked the bot and used it to grant rights for a false Jiho account, which they then used to make a fraudulent mint announcement on May 18.
Fortunately, the coders caught on immediately. They erased the messages and uninstalled the hacked bot. According to the gaming platform, there will never be a surprising mint and all such events will be announced on Twitter, Facebook, Discord, and Substack. However, it was also stated that some users may still be able to access erased messages until they restarted Discord. At least one user says that the attack resulted in the loss of an NFT and a domain. Axie Infinity indicated that the hack is not unique to their server and that numerous servers using MEE6 Bot have experienced similar difficulties in the past. Cool Cats, RTFKT, PXN, PROOF/Moonbirds, and Memeland have all stated that their admin accounts have been compromised as a result of the bot. Those familiar with Discord security believe the hackers targeted admin accounts first. Then, using the MEE6 bot’s response role capability, they assigned the admin position to another account. They may send webbook messages this way without exposing the hacked administrator account.
On its Discord channel, MEE6 has disputed the accusation of a breach. It claimed that its bot has caused no harm to any NFT community. Even after raising more cash to reimburse consumers, Axie Infinity’s native token AXS has suffered since the exploit. Users’ trust has declined and continues to decline as a result of delays and growing security concerns. AXS is presently trading at $21.6, having reached an all-time high of $164.9 in November 2021.
Read more: OpenSea Discord Server Compromised, Phishing Links Posted