The Discord servers of multiple large NFT collections and crypto projects, including play-to-earn game Axie Infinity, have been compromised, with attackers posting phishing links that appear to be NFT mints.
Other affected projects include popular NFT collections Moonbirds and PROOF, virtual athletic shoes company RTFKT, payment network Memeland, and social graph protocol CyberConnect, among others, according to blockchain security firm PeckShield.
Axie Infinity confirmed that its Discord server has been compromised.
“There is an agreement from the MEE6 bot that was placed on the primary Axie server,” Axie Infinity stated. “The attackers used that bot to add permissions to a fake Jiho [Shaun Zirlin, co-founder of Axie] account, which in turn published an imitation announcement regarding a mint.”
They noted that they have removed the fake announcements, adding that they would “never perform a surprise mint.”
Other projects have also confirmed the attack, speculating that the widely used MEE6 Discord bot may have been compromised.
“It appears the MEE6 bot is compromised. Don’t click any links within our Discord,” Memeland stated on Twitter.
However, the MEE6 team has apparently denied allegations that the bot was compromised. “MEE6 was, is rather than is going to be compromised,” a team member has apparently stated on Discord.
The MEE6 bot lets users create commands that automatically give and remove roles and send messages in the current channel or in anyone’s direct messages, according to its website.
Meanwhile, pseudonymous NFT educator and Discord security auditor Skits has claimed the attack actually involved a phishing scam that compromised admin accounts and used MEE6 features to disguise which admin accounts were compromised.
“First they’ll hack an admin account. Next they’ll produce a reaction role feature from MEE6 to provide another account admin,” Skits stated. “That way, they can send webhook messages while hiding who the compromised administrator account is.”
Skits has also shared a screenshot of what appears to be a conversation with one of the attackers, who appear to be “a sizable group,” in which one fraudster admits to stealing more than a million.
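For server administrators, the sequence Skits describes (a bot-executed role grant that confers admin, followed by webhook activity from the newly elevated account) leaves a trail in the server's audit log. The following is an added example, not code from the article or from MEE6: it scans constructed audit log entries shaped like Discord's audit log objects, and the `ts` field, the IDs and the one-hour window are assumptions made for illustration.

```python
ADMINISTRATOR = 0x8        # Discord permission bit for Administrator
MEMBER_ROLE_UPDATE = 25    # Discord audit log action types
WEBHOOK_CREATE = 50

def admin_role_ids(roles):
    """IDs of roles whose permission bitfield includes Administrator."""
    return {r["id"] for r in roles if int(r["permissions"]) & ADMINISTRATOR}

def find_suspicious(entries, roles, bot_ids, window=3600):
    """Flag admin roles granted by a bot, and webhooks the recipient creates soon after.

    entries: audit log entries, oldest first. 'ts' (epoch seconds) is an
    assumed field added by the caller; user_id is the executor of the action.
    """
    admin_roles = admin_role_ids(roles)
    elevated = {}              # member id -> time the admin role was granted
    alerts = []
    for e in entries:
        if e["action_type"] == MEMBER_ROLE_UPDATE and e["user_id"] in bot_ids:
            added = [r["id"] for c in e.get("changes", [])
                     if c["key"] == "$add" for r in c["new_value"]]
            if admin_roles.intersection(added):
                elevated[e["target_id"]] = e["ts"]
                alerts.append(("admin_granted_by_bot", e["target_id"], e["user_id"]))
        elif e["action_type"] == WEBHOOK_CREATE and e["user_id"] in elevated:
            if e["ts"] - elevated[e["user_id"]] <= window:
                alerts.append(("webhook_by_new_admin", e["user_id"], e["target_id"]))
    return alerts

# Constructed sample data: role 100 carries Administrator, user 900 is the bot.
ROLES = [{"id": "100", "name": "Team", "permissions": "8"},
         {"id": "101", "name": "Holder", "permissions": "1024"}]
BOTS = {"900"}
LOG = [
    {"ts": 1000, "action_type": 25, "user_id": "900", "target_id": "555",
     "changes": [{"key": "$add", "new_value": [{"id": "101", "name": "Holder"}]}]},
    {"ts": 2000, "action_type": 25, "user_id": "900", "target_id": "666",
     "changes": [{"key": "$add", "new_value": [{"id": "100", "name": "Team"}]}]},
    {"ts": 2300, "action_type": 50, "user_id": "666", "target_id": "777", "changes": []},
    {"ts": 2400, "action_type": 50, "user_id": "444", "target_id": "778", "changes": []},
]

if __name__ == "__main__":
    for alert in find_suspicious(LOG, ROLES, BOTS):
        print(alert)
```

The first alert identifies the account that received admin through the bot; the human admin who configured that reaction role appears in the bot's own dashboard logs rather than in this entry, which is the concealment Skits points to.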