Axie Infinity, NFT and Other Projects Fall Victims of a Phishing Attack

Gaming Hack NFT Non-fungible tokens Security
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Author
Ruholamin Haqshanas
Author Categories
About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
Source: Axie Infinity / Twitter

Messaging platform Discord servers of multiple large NFT collections and crypto projects, including play-to-earn game Axie Infinity, have been compromised, with attackers publishing phishing links that appear to be NFT mints.

Some other affected projects include popular NFT collections Moonbirds and PROOF, virtual sneakers company RTFKT, payment network Memeland, and social graph protocol CyberConnect, among others, according to blockchain security firm PeckShield.

Axie Infinity confirmed that its Discord server has been compromised.

“There was a compromise of the MEE6 bot which was installed on the main Axie server,” Axie Infinity said. “The attackers used that bot to add permissions to a fake Jiho [Jeff Zirlin, co-founder of Axie] account, which then posted a fake announcement about a mint.”

The team noted that they have removed the fake announcements, adding that they would “never do a surprise mint.”

Some other projects have also confirmed the attack, speculating that the widely-used MEE6 Discord bot might have been compromised.

“It seems that the MEE6 bot is compromised. Please do not click any links in our discord,” Memeland said on Twitter.

However, the MEE6 team has seemingly denied allegations that the bot was compromised. “MEE6 was, is and never will be compromised,” a team member has reportedly said on Discord.

The MEE6 bot enables users to create commands that automatically give and remove roles and send messages in the current channels or in the user’s direct messages, according to its website.

Meanwhile, pseudonymous NFT educator and discord security auditor Skits has claimed that the attack actually involved a phishing scam that compromised admin accounts and used MEE6 features to disguise which admin accounts were compromised.

“First they will hack an admin account. Secondly they will create a reaction role feature from MEE6 to give an alternate account admin,” Skits said. “Using this method, they will be able to send webbook messages while hiding who the compromised administrator account is.”

Skits has also shared a screenshot of what appears to be a dialogue among the attackers, which seems to be “a large group,” where one scammer admits to stealing over a million.

____
Learn more:
NFT Self Defense: Staying Safe in Web3
Axie Infinity’s Post-Hack Metrics Beckon Optimism, Not Despair

Just How Sustainable Are Play-to-Earn Gaming Pyramids?
‘Wave of Crypto Muggings’ Hits London’s Financial District

More Articles

Blockchain News
Japan’s SBI Posts Record Crypto Profits; Aims for Nation’s First USDC Listing
Tim Alper
Tim Alper
2025-02-09 23:30:00
Price Analysis
Price Breakthrough Forecast: The Next XRP Rally Could Be Here Soon
Arslan Butt
Arslan Butt
2025-02-09 14:21:48
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors