Messaging platform Discord is a messaging platform. servers hosting multiple huge NFT collections and crypto-related projects, including the play-to-earn game Axie Infinity Axie Infinity, have been compromised. Attackers are posting phishing links which look like mints from NFT.
Other affected projects include the popular NFT collection Moonbirds and PROOF Virtual sneakers company RTFKT as well as payment platform Memeland and the social graph technology CyberConnect as well as others, as per the security firm for blockchain PeckShield.
Axie Infinity confirmed that its Discord server was compromised.
“There was a breach of the MEE6 bot that was installed by the principal Axie server” Axie Infinity stated. “The hackers used the bot to give permissions to the fake Jiho (Jeff Zirlin, cofounder of Axieaccount] that then made an fake announcement on mints.”
The team also noted that they’ve taken down the fake announcements, saying that they would “never ever do an unexpected mint.”
A few other projects have confirmed the attack, while speculating that the popular MEE6 Discord bot might have been compromised.
“It seems like the MEE6 bot has been compromised. Please don’t follow any links within the discord of our channel,” Memeland said on Twitter.
However MEE6 has claimed that it was not compromised. MEE6 team has reportedly denied claims of bot hacking. “MEE6 was and will never not be compromised” staff member claimed on Discord. declared on Discord.
The MEE6 bot allows users to make commands that will automatically assign and take away roles, and also transmit messages to the channels that are currently active or in the direct messages of the user, in accordance the website.
In the meantime, the pseudonymous NFT educator and security auditor for discord Skits has declared that this attack was an scam known as a phishing scam that affected admin accounts and employed MEE6 features to hide the accounts of admins that were compromised.
“First they’ll hack an administrator account. Then, they’ll create an reaction role function from MEE6 to allow an alternate administrator for the account,” Skits said. “Using this technique it will allow them to send webbook-related messages while concealing who the administrator account that has been compromised is.”
Skits has also posted a photo of what seems to be a conversation between the scammers that appears to have been “a massive group” with one fraudster who admitted to having stolen over one million dollars.