“Unsatisfactory” cybersecurity measures among play-to-earn (P2E) crypto games pose a great risk to GameFi projects and their gamers alike, warns blockchain cybersecurity auditor Hacken.
In an Aug. 1 report shared with Cointelegraph, Hacken said that data indicates that Gaming Finance (GameFi) projects, the category which P2E games would fall under, often “put profits above security” by releasing products without taking appropriate precautions against hackers.
“GameFi projects […] do not follow even the most essential cybersecurity recommendations, leaving malicious actors numerous entry points for attacks.”
P2E games often incorporate nonfungible tokens (NFTs) in their ecosystems in addition to crypto. The largest projects, such as Axie Infinity (AXS) and Stepn (GMT) use a wide array of products designed to enhance the gaming experience, such as token bridges, blockchain networks, or physical merchandise.
Hacken researchers found that based on data collected by crypto security ranking service CER.live., there were severe deficiencies in GameFi cybersecurity in particular. It found that out of 31 GameFi tokens studied, none received the top security ranking AAA, while 16 received the worst D score.
Rankings for each project were determined by weighting various aspects of their cybersecurity, such as token audits, whether they have a bug bounty and insurance, and if the team is public.
Hacken’s report explained that GameFi projects typically scored low as it found that no P2E projects had insurance coverage which could help projects recover funds immediately in the instance of a hack.
The lack of insurance is partially confirmed by crypto insurance firm InsurAce’s chief marketing officer Dan Thomson, who told Cointelegraph on Thursday that it was not covering any P2E projects.
The report also found that only two projects have an active bug bounty program in place. Axie Infinity and Aavegotchi have bug bounties that award monetary compensation to white hat hackers for finding bugs in the project’s code.
Finally, it found that while 14 projects have…