February 13, 2024 at 11:38AM
Hackers exploited a stolen key to steal over $290 million in PLA tokens from the PlayDapp platform. PlayDapp immediately took action, transferring assets, offering a reward to the hacker, and eventually suspending trading. Elliptic reported the hackers’ movement of funds, and suspicions of the North Korean Lazarus Group’s involvement arose due to the attack’s scale and methods.
From the meeting notes, it is clear that a significant security breach has occurred within the PlayDapp ecosystem involving the theft of over $290 million in PLA tokens. The hackers exploited a stolen private key to mint and steal tokens, prompting PlayDapp to take immediate action.
PlayDapp transferred all held tokens to a new secure wallet and offered a $1 million “white hat” reward to the hacker for returning the stolen assets, while also threatening to involve law enforcement if the assets were not returned. Unfortunately, the hackers continued their activities, minting a significant amount of additional PLA tokens.
As a result, PlayDapp has suspended PLA trading on decentralized exchanges, frozen the hacker’s wallets on major exchanges, and is planning to migrate to a new system using a current snapshot to safeguard assets. Additionally, users are advised to be vigilant against phishing and scams.
The breach has led to the movement and laundering of stolen tokens, impacting legitimate PLA token holders and causing the token price to drop. Cryptocurrency experts suspect the involvement of the Lazarus Group, a North Korean hacking collective known for executing large-scale breaches against crypto-gaming platforms.
Overall, the breach has had a significant impact on PlayDapp and its community, and the company is working to mitigate the situation and protect its users from further harm.