The blockchain of popular crypto game Axie Infinity was hacked with an intricate phishing technique involving fake LinkedIn job offers, as per the reports of two sources with details of the incident. The reports revealed a new prospect to one of the most prominent decentralized finance, or DeFi, hacks to date.
Also Read this, 8.7 M hack on Solana’s Liquidity Protocol CremaFinance
Details of Axie Infinity Hack
According to reports, hackers were identified by the US government as the North Korean group Lazarus. They targeted employees of Axie Infinity developer Sky Mavis. Apparently, the hackers reached out over LinkedIn on behalf of a fake company, and when employees took the bait, they moved with multiple rounds of fake job interviews and then an extremely generous fake compensation package.
The con topped in one senior engineer clicking a PDF allegedly containing the official offer at which point hackers first compromised the engineer’s computer, then four of the nine nodes utilized to validate financial transactions on Sky Mavis’ Ronin blockchain.
Sky Mavis disclosed once that the hackers took control of a fifth node from the theoretically decentralized Axie DAO, thanks to a decision to let Sky Mavis sign transactions during an extremely busy period in November. After that, they emptied the Ethereum and USDC cryptocurrency that backed Sky Mavis’ treasury, the equivalent of about $625 million at the time. The company noticed the hack a week after it transpired back in March. In its earlier assessment, it blamed advanced spear-phishing attacks that compromised an employee who no longer operated at Sky Mavis. However, they didn’t explain the actual mechanism of the hack.
Axie Infinity was once seen as a specimen of the success of play-to-earn games. In fact, some players earn a full-time living off the real-money economy. Though the value of its tokens descended amid the larger crypto crash and Sky Mavis has devoured the past few months recovering from the breach. It raised $150 million in funding to help compensate players and reopened transactions on its Ronin bridge around last week.
In addition, the platform also implemented extra security measures to prevent future hacks. Meanwhile, it’s pitched a second game dubbed Axie Infinity Origins and tried to pivot away from being known as a money-making effort rather than a game that’s played for fun.
Hungry for more information?
NFT Calendar from NFTHi
Join us on Telegram!
NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.
Conduct thorough research before you start with NFT trading.