Mee6 Hacked: Discord’s bot had a vulnerability

Looks like Mee6 had something going on and resulted in some temporary panic on a Discord server

Y’all ever heard of Mee6? You know, that super popular Discord bot that locked leveled roles behind a paywall? Well, today it got hacked after having received some notifications from YouTube user CallMeCarson’s Discord server.

Twitter user h0nda made a post shortly after this event, regarding the event and ensuring that nobody was seriously damaged from this event.

According to h0nda, they had found a vulnerability with an endpoint on Mee6’s web dashboard which never checked if the user accessing the site actually had access to a specific channel. This allowed for h0nda to send messages and mention everyone in servers, effectively making that scare shown earlier.

This may seem like a negative act, but in all reality this was actually sort of a good thing. You might be wondering why someone would say such a thing, and I’ll explain that.

There are two kinds of hackers: white hat hackers and black hat hackers. In essence, white hats are the good guys and the black hats aren’t; however, I’ll only look at white hats due to their relevance in this situation. Because of this vulnerability, I suspect that h0nda didn’t want this to slip by unnoticed. In order for this vulnerability to be discovered, presenting the damage that could be done allowed for the developers to fix this issue. They then posted about this on Twitter to ensure that it was known that this was intentionally done to present these issues.

So that about wraps up this issue. Something small, but still definitely worth mentioning this issue. Comment on this post if there’s anything I missed; otherwise, thanks for reading!