Several NFT projects were attacked after hacking the Mee6 bot in Discord

image

The attacker hacked the popular Discord bot Mee6 and sent fraudulent messages to Discord on behalf of one of the creators of the NFT game Axie Infinity.

Spam messages were sent in several NFT projects:

  • Axie Infinity from Sky Mavis Studio;
  • Memeland, supported by 9GAG;
  • RTFKT owned by Nike;
  • CLONEX from Phantom Network (PXN);
  • Moonbirds of the Proof platform.

CyberConnect’s Web3 infrastructure was also compromised by the Mee6 bot, which sent malware links to users.

The cybercriminal sent fraudulent messages on behalf of one of the co-founders of the game Axie Infinity about the possibility of screwing up (minting) NFT. The developers have already removed the fake messages and the compromised bot, and also recommended that users restart the bot to avoid further malicious messages.

Mee6 engineers conducted an internal investigation and found no signs of hacking. According to experts, the hacker compromised the employee’s account. Now the problem has been solved, and there is no threat.

Mee6 is a very popular bot that is used by about 16 million Discord servers worldwide. Mee6 automates a wide range of functions, including:

  • basic moderation;
  • sending administrator messages;
  • music playback.

Bots in Discord pose a security threat due to increased user confidence in bots, as channel participants assume that messages are sent from administrators. If a cybercriminal hacks a bot and truthfully composes a fraudulent message, then users will believe the fraudster and become victims of phishing or malware.

Start a discussion …