PlayDapp Suffers $32.35 Million Security Breach

Summary

On February 9, 2024, PlayDapp, a Play to Earn (P2E) game based on Ethereum, experienced a security breach due to compromised private keys. The attacker exploited the platform and minted a total of 3.38 billion PLA tokens, which was worth nearly $617 million at the time of an incident. However, the attacker managed to convert the tokens for $32.35 million. The stolen funds were transferred to various addresses, with some deposited into the Polygon chain and Binance exchange, while a significant portion remains in the attacker’s address as of February 13, 2024.

Attackers

The identity of the attacker remains unknown. The attacker used the following Ethereum addresses:

Losses

PlayDapp suffered a loss of approximately $32.35 million due to the security breach.

Timeline

Security Failure Causes

  • Compromised Private Key: The root cause of the exploit is reportedly due to the compromise of the private keys of the privileged address.