Fake Job Offer, Unusual Reason That Triggered Cryptocurrency Theft by Millionaire at ‘Axie Infinity’

At the end of March last year Axi Infinity suffered from the theft of cryptocurrencies at that time in the amount of 620 million dollars. This happened after the hack of the Ronin blockchain, created by Sky Mavis as a key element of their gaming infrastructure. play to earn. And while the firm has refunded the stolen crypto assets and taken appropriate security measures on its network, hitherto unknown details of what happened have surfaced in the past few hours.

As published Blockthe origin of the attack on the Ronin blockchain – and therefore on Axi Infinity– It was an elaborate prank played against an engineer who was part of the team responsible for the development of the popular game. The above media is based on two sources with direct knowledge of the situation, who claim that the trap was created through fake job offer.

In its post-hack report, Sky Mavis already mentioned that one of its employees was “compromised.” However, the company has never provided specific explanations about what happened or how it happened. This is the reason why the data that has been revealed in the last few hours is so shocking.

Fake job offer, key to stealing crypto from Axie Infinity

Block explains that the command Axi Infinity at the beginning of the year, he was approached by a fake company that, through LinkedIn, encouraged them to apply for very competitive jobs. “Senior engineer” fell for the bait and was open to hackers.

Thus, after several interviews, the prospective company offered the said person a job. Needless to say, it was all a hoax. An offer that promised significant financial compensation was delivered via a PDF file infected spyware. By downloading it to his computer, the developer inadvertently opened the door for hackers to access the Ronin blockchain infrastructure.

Thus, cybercriminals gained control over four of the nine validator nodes in the network. But even this was not enough for them to transfer funds into cryptocurrencies, since they needed another cryptographic signature. That’s why they also attacked Axi DAO – decentralized autonomous organization Axi Infinity— by reaching the missing check.

Known tactic, but still effective

Hackers often attack employees of large technology companies trying to gain access to their systems. Last year, for example, the hackers who broke into Electronic Arts used cookie stolen in order to log into the company’s Slack channels and request access credentials, impersonating a real employee.

When Axi Infinity and Skye Mavis, has the aggravated circumstance of yielding big boil time for crypto/NFT/web3 projectsregardless of market fluctuations. And it is also not surprising that the employee attacked by hackers no longer works for the company that developed the famous game. play to earn.

Hacking Ronin and then extracting funds from Axi Infinity was associated with Lazarus, a North Korean-sponsored hacker group. Of all the stolen funds, only about $6 million has been recovered so far, which they tried to “launder” through Binance. Meanwhile, in order to return stolen crypto assets to users, Sky Mavis raised $150 million in the funding round.