PlayDapp Security Breach Escalates: Cumulative Losses Surpass $290 Million Mark

Crypto hack DeFi Hack
Last updated:
Author
Ruholamin Haqshanas
Author Categories
About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

The recent PlayDapp security breach has taken a grim turn, with cumulative losses now exceeding $290 million.

According to a report by blockchain analytics firm Elliptic, the exploit resulted in the theft of millions worth of PLA tokens, the native cryptocurrency powering PlayDapp’s gaming platform and NFT marketplace.

The report, released on Tuesday, revealed that an unauthorized wallet, likely obtained through a compromise of private keys, minted 200 million PLA tokens valued at $36.5 million on February 9. 

PlayDapp’s Negotiation Attempt Backfires

Following the incident, PlayDapp attempted to negotiate with the hacker, issuing an on-chain message requesting the return of the stolen funds by February 13, offering a $1 million white hat reward.

However, these efforts proved futile.

“Attempts to negotiate with the hacker were unsuccessful as they showed no willingness to help recover holders’ losses,” PlayDapp wrote in a statement on Tuesday.

Instead, the hacker escalated the situation by minting an additional 1.59 billion PLA tokens, valued at a staggering $253.9 million, on February 12.

They then began laundering the funds through various crypto exchanges.

Elliptic noted that prior to the breaches, the total circulating supply of PLA tokens was 577 million, making it challenging for the exploiter to sell the newly minted 1.8 billion tokens at anywhere close to their previous market value.

On February 13, PlayDapp announced on the social media platform X that they had paused the PLA smart contract.

They requested the temporary halt of transactions in order to conduct a snapshot for migration, emphasizing their commitment to protecting holders’ assets and pledging to keep the community informed.

PlayDapp also said it is actively collaborating with crypto exchanges, blockchain forensic firms, and law enforcement agencies to address the breach.

Furthermore, the project said they are diligently tracking the minted and swapped tokens while exploring migration solutions, such as the possibility of an airdrop.

As of February 13, the PLA token was trading at $0.15, experiencing a 2.9% decrease over the past 24 hours.

Coinbase Pauses PLA Trading

On Wednesday, Coinbase suspended PLA token trading after the project paused its smart contract.

“We will continue to monitor developments related to PLA from the issuer and update our customers as more information becomes available,” Coinbase said on X.

As reported, bad actors have stolen $38.9 million from various Web3 projects in the first month of 2024.

One of the first major crypto hacks of the year occurred when Radiant Capital experienced a $4.5 million loss due to an empty market exploit.

Gamma Strategies, another affected platform, fell victim to a flash loan attack on January 4, shortly after the Radiant Capital incident.

The attack exploited a code bug, enabling the hackers to siphon $6.1 million from Gamma’s public-facing vaults.

On January 16, Socket, a multichain protocol, suffered a security breach due to a vulnerability in user verification input, allowing hackers to steal nearly 2,000 ETH, valued at over $4 million.

However, Socket managed to recover 1,032 ETH (equivalent to approximately $2.3 million) and reimbursed all affected users as part of its strategy to restore user funds.

 

More Articles

Blockchain News
Bitpanda Expands to the UK After Securing FCA Approval
Veronika Rinecker
Veronika Rinecker
2025-02-12 10:48:10
Blockchain News
Russia’s Zservers Sanctioned by US, UK, and Australia for Aiding LockBit Ransomware
Hassan Shittu
Hassan Shittu
2025-02-12 10:43:48
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors