PlayDapp hacker attack report: Administrator’s private key stolen due to domain name spoofing email
On April 1st, blockchain game platform PlayDapp released a post-hack report. The reason for the theft was that PlayDapp received a domain spoofing email from a hacker on January 16th. The email disguised itself as a cooperative exchange of PlayDapp. After PlayDapp opened the attachment in the email, malicious code was executed, and a tampered remote access multi-session tool was installed. The hacker then remotely controlled the PC, resulting in the theft of the administrator's private key. On February 9th, the hacker illegally used the stolen private key to change the contract's full authority to their account, deleted the authorization of the existing administrator, and invalidly minted 200 million PLA tokens to their account. PlayDapp stated that the domain owner (in this case, the exchange) can prevent this type of domain spoofing by setting up a simple security measure called DMARC.
As previously reported by Jinse Finance, PlayDapp was hacked twice in February. PlayDapp decided to migrate the tokens from PLA 1:1 to PDA.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Riot Platforms buys 667 BTC for $69M, boosting its holdings to 17,429 BTC
Ohio state’s lawmaker announces plans to initiate a Bitcoin Reserve
Senate Banking Committee cancels confirmation vote for SEC’s Caroline Crenshaw
In the meantime, Trump will name either Commissioner Hester Peirce or Mark Uyeda as acting chair
Trump family crypto project WLFI reaches cooperation with Ethena Labs
Trending news
MoreCrypto prices
More
