Twitter account PeckShieldAlert, which shares about security problems in the blockchain ecosystem, made a new announcement recently. In this announcement, PeckShieldAlert reported that Axie Infinity has detected a number of phishing attempts on its Discord server. Here are the details…
Phishing Attack Happened at Axie Infinity
According to blockchain security firm PeckShield, the play-to-win game Axie Infinity was recently hit by a phishing attack. So much so that the attackers compromised by posting phishing links that looked like NFT mints.
In a statement on the subject from its official Twitter account, Axie Infinity stated that a security vulnerability was detected in a bot on the server and included the following statements in its Twitter post;
A vulnerability has occurred in the MEE6 bot uploaded to the main Axie server. The attackers used this bot to add permissions to a fake Jiho [Jeff Zirlin, Axie co-founder] account, and then posted a fake announcement about a mint.
The project team stated that they removed the fake announcements immediately after the attack and warned their users to be careful, underlining that they “will never make a surprise mint”.
Other Projects Also Confirmed Vulnerability
In addition to Axie Infinity, several other projects have also confirmed the attack, suggesting that the widely used MEE6 Discord bot may have been compromised.
So much so that, together with the statement made on Twitter, Memeland told its users, “It seems that the security of the MEE6 bot has been breached. Please don’t click any link in our dispute,” he said.
MEE6 Rejects Allegations
However, the MEE6 team ostensibly denied claims that the bot was compromised.
The MEE6 bot allows users to generate commands that automatically assign and remove roles and post messages on existing channels or user’s direct messages according to the website.
Also, the pseudonymous NFT educator and security auditor Skits claimed that the attack actually contained a phishing scam that compromised administrator accounts and used MEE6 features to hide which administrator accounts had been compromised.
Skits made the following statements in his statements on the subject;
First they will hack an administrator account. Second, they will build a response role feature from MEE6 to give an alternative account manager. Using this method, they will be able to send webbook messages while hiding who the compromised administrator account is.
Skits also shared a screenshot of a conversation between the attackers, who appeared to be a “large group” that a scammer admits has stolen more than a million copies.