The web3 gaming platform PlayDapp has suffered a major security breach, resulting in the unauthorized issue of 200 million PLA tokens.
The blockchain security and analytics firm PeckShield Inc. spotted the breach on Feb. 10 and alerted PlayDapp about the exploit in a social media post.
“New 200m $PLA tokens were just freshly minted,” said PeckShield. “It seems to be a private key leak and the new minter was just added in the following tx.”
Hi @playdapp_io, you may want to take a look.
New 200m $PLA tokens were just freshly minted. It seems to be a private key leak and the new minter was just added in the following tx: https://t.co/tyxDksNwSt pic.twitter.com/SkjZsTjtdQ
— PeckShield Inc. (@peckshield) February 9, 2024
PlayDapp confirmed the hack on the same day following the breakout and acted to reinstate the security, saying, “We are writing to inform you of a critical security incident involving the PLA token contract. The PLA token contract has been hacked and additional PLA tokens have been issued.”
The platform also published an announcement for PLA wallet transfer. PlayDapp took a protective measure to transfer all PlayDapp-held PLA, encompassing both locked and unlocked assets, to a newly secured wallet.
To resolve the exigent issue, PlayDapp has reached out to the hacker via an on-chain message, proposing a reward for the prompt return of all stolen contracts and assets.
“Failure to accept this offer will prompt us to quickly work with the FBI and law enforcement agencies in the pursuit of the hacker,” declared the company. “We will publicly announce a bounty and seek assistance from a WEB3 security provider.”
However, the community do not endorse the platform’s reactions. A user replied to PlayDapp’s post, saying, “The