After the $623M Hack, Axie Infinity’s Discord Bot Gets Compromised

Key Insights:

  • The hack was confirmed by Axie Infinity earlier today.
  • MEE6 official channels denied allegations of being exploited.
  • Axie Infinity is still recovering from the $625 million hack.

As it appears to be, social media hacks and exploits seem to have become the new meta in cybercrime, with more and more crypto blockchains and DeFi protocols facing this issue this year. Axie Infinity became the latest target of the same.

Axie Infinity Blames MEE6

In a tweet today, Axie Infinity stated that the MEE6 bot which was installed on their main Axie server was compromised.

According to the investigation, the hacker used the MEE6 and added fake permissions to a fake Jiho account, after which fake announcements regarding a mint were posted on the channels.

Soon after, the MEE6 bot was removed, and the fake messages were deleted. Still, as per one user, their NFT and domain were already stolen.

Although the MEE6 team stated that the allegations being directed towards MEE6 were “fake news”, as neither did they spot any unusual activity nor were they were contacted by any real community owners.

The MEE6 support server although stated that the admin accounts of Axie Infinity’s Discord server were compromised, which enabled the hacker to use the MEE6 bot to post phishing messages and links in the channels.

Regardless of what the case may be, Axie Infinity investors’ community is losing their patience since this is the second attack on the platform, the last being the $625 million hack.

Known to be the biggest hack in the history of crypto, Axie Infinity’s Ronin Bridge exploit accounted for half of all the crypto attacks that took place throughout the first quarter of 2022.

Going forward, Axie Infinity needs to make itself more secure before investors start exiting to protect their funds.

Social Media – The New Target

As reported by FXEmpire, multiple official servers and accounts fell victim to these hackers, who used the platforms to execute phishing attacks on the users throughout April and May.

In the second quarter, the first to witness this was the NFT collection Bored Ape Yacht Club (BAYC) after its Discord was compromised and hackers managed to steal $69k worth of NFT.

The same month, BAYC’s Instagram account was hacked, which was used to promote a fake airdrop to lure investors into signing away their NFTs. As confirmed by the founder of BAYC, about 4 Apes, 6 Mutants, 3 Kennels, and some other NFTs were stolen.

Similarly, Opensea’s Discord was hacked as well, with hackers promoting fake YouTube-based NFTs to steal their private keys. Although no loss occurred in this instance, it made platforms reinforce their social media security.