Axie Infinity revealed on Twitter that the MEE6 bot on its Discord channel had been compromised. The MEE6 team has denied that its bot was attacked.
The MEE6 bot is quite popular on Discord, and many servers use it to automate messages and other activities.
According to Axie Infinity, the attackers hacked the bot and used it to grant rights for a false Jiho account, which they then used to make a fraudulent mint announcement on May 18.
Fortunately, the coders caught on immediately. They erased the messages and uninstalled the hacked bot. According to the gaming platform, there will never be a surprising mint, and all such events will be announced on Twitter, Facebook, Discord, and Substack.
However, it was also stated that some users may still be able to access erased messages until they restart Discord. At least one user says that the attack resulted in losing an NFT and a domain.
Axie Infinity indicated that the hack is not unique to their server and that numerous servers using MEE6 Bot have experienced similar difficulties in the past. Cool Cats, RTFKT, PXN, PROOF/Moonbirds, and Memeland, have all stated that their admin accounts have been compromised due to the bot.
Those familiar with Discord security believe the hackers targeted admin accounts first. Then, using the MEE6 bot’s response role capability, they assigned the admin position to another account.
They may send webbook messages this way without exposing the hacked administrator account.
On its Discord channel, MEE6 has disputed the accusation of a breach. It claimed that its bot had caused no harm to any NFT community.
Any genuine community owners have not contacted them at the time of this communication, nor have they been contacted through Discord or any other Support Communication Channels. According to the statement, we reviewed the problem with their engineers and found no evidence of suspicious activity.