Axie Infinity Ronin blockchain reportedly hacked with fake job offers

Axie Infinity Ronin blockchain reportedly hacked with fake job offers

Blockchain of high-profile crypto games Axie Infinity was allegedly hacked with an elaborate phishing scheme involving fake LinkedIn job offers. The block reported the news today, citing two sources with knowledge of the incident. It revealed a new dimension to one of the biggest decentralized finance hacks, or DeFi, to date.

In accordance The blockhackers – identified by the US government as the North Korean group Lazarus – targeted employees of Axie Infinity developer Sky Mavis. They allegedly contacted LinkedIn on behalf of a fake company, and when employees took the bait, they proceeded with several rounds of fake job interviews and then an “extremely generous” fake compensation package. The conclusion culminated in a senior engineer clicking on a PDF file purportedly containing the official offer – as hackers first compromised the engineer’s computer, then four of the nine nodes used to validate financial transactions on the Sky Mavis Ronin blockchain.

A malicious PDF allows hackers to compromise the entire financial system

Sky Mavis previously revealed that the hackers took control of a fifth node from the theoretically decentralized Axie The DAO, thanks to a decision to allow Sky Mavis to sign transactions during a particularly busy period in November. After that, they drained the Ethereum and USDC cryptocurrencies that supported Sky Mavis’ coffers, equivalent to about $625 million at the time. (After a recent crypto crash, it’s closer to $225 million now.) The company noticed the hack a week after it happened in March. In its earlier post-mortem, it blamed “advanced spear-phishing attacks” that compromised an employee who no longer worked at Sky Mavis – but it did not explain the exact mechanism of the hack.

See also  A week from the winter meetings, Things Said and Things Done, Carroll, Logos and Other Cubs Bullets

Axie Infinity was once seen as an example of the success of “play-to-earn” games, with some players making a full-time living off their real-money economy. But the value of the tokens plummeted amid the larger crypto crash, and Sky Mavis has spent the past few months recovering from the breach. It raised $150 million in funding to help refund players and reopened transactions on the Ronin Bridge last week. (Disclosure: I purchased three axie non-fungible tokens or NFTs to play and report on the game earlier this year.) It also implemented additional security measures to prevent future hacks. Meanwhile, it has launched a second game called Axie Infinity Origins and sought to veer away from being known as a wager rather than a game played for fun.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *