PlayDapp Hacker Attack Report: Administrator's private key stolen due to domain name spoofing email
2024-04-01 09:39:33
On April 1st, it was reported that the blockchain gaming platform PlayDapp released a post hacking report. The reason for the theft was that PlayDapp received a domain name spoofing email from a hacker on January 16th, which disguised itself as PlayDapp's cooperative exchange. After PlayDapp opened the attachment in the email, the malicious code was executed and a tampered remote access multi session tool was installed. Subsequently, the hacker remotely controlled the PC, causing the administrator's private key to be stolen. On February 9th, hackers illegally used the stolen private key to change all permissions of the contract to their account, deleted the authorization of existing administrators, and effectively minted 200 million PLA tokens into their account. PlayDapp claims that the domain owner (in this case, the exchange) can prevent this type of domain spoofing by setting up a simple security measure called DMARC.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
PlayDapp黑客攻击报告:因域名欺骗邮件导致管理员私钥被盗Next article:
泰国加密交易所Bitkub计划2025年进行IPO
