Tuesday, August 16, 2022
Home Tech News Axie Infinity’s blockchain was reportedly hacked via a fake LinkedIn job offer

Axie Infinity’s blockchain was reportedly hacked via a fake LinkedIn job offer

The blockchain of high-profile crypto game Axie Infinity was reportedly hacked with an elaborate phishing scheme involving fake LinkedIn job offers. The Block reported the news today, citing two sources with knowledge of the incident. It revealed a new dimension to one of the biggest decentralized finance, or DeFi, hacks to date.

According to The Block, hackers — identified by the US government as North Korean group Lazarus — targeted employees of Axie Infinity developer Sky Mavis. They reportedly reached out over LinkedIn on behalf of a fake company, and when employees took the bait, they proceeded with multiple rounds of fake job interviews and then an “extremely generous” fake compensation package. The con culminated in one senior engineer clicking a PDF supposedly containing the official offer — at which point hackers first compromised the engineer’s computer, then four of the nine nodes used to validate financial transactions on Sky Mavis’ Ronin blockchain.

Sky Mavis disclosed previously that the hackers took control of a fifth node from the theoretically decentralized Axie DAO, thanks to a decision to let Sky Mavis sign transactions during a particularly busy period in November. After that, they drained the Ethereum and USDC cryptocurrency that backed Sky Mavis’ treasury, the equivalent of about $625 million at the time. (Following a recent crypto crash, it’s closer to $225 million now.) The company noticed the hack a week after it occurred in March. In its earlier post-mortem, it blamed “advanced spear-phishing attacks” that compromised an employee who no longer worked at Sky Mavis — but it didn’t explain the exact mechanism of the hack.

Axie Infinity was once seen as an example of the success of “play to earn” games, with some players making a full-time living off its real-money economy. But the value of its tokens plummeted amid the larger crypto crash, and Sky Mavis has spent the past months recovering from the breach. It raised $150 million in funding to help reimburse players and reopened transactions on its Ronin bridge last week. (Disclosure: I purchased three axie non-fungible tokens or NFTs to play and report on the game earlier this year.) It also implemented additional security measures to prevent future hacks. Meanwhile, it’s launched a second game called Axie Infinity Origins and attempted to pivot away from being known as a money-making endeavor rather than a game that’s played for fun.

- Advertisment -

Most Popular

Inflation chipping away at your back-to-school budget? Here’s how to save

Balancing the budget for back-to-school shopping is more difficult for parents this year as rampant inflation threatens piggy banks nationwide. More than a third of...

Granny does Q&A from beyond the grave after AI was trained to answer for her

Marina Smith MBE, who died in June aged 87, speaks to mourners at her own funeral (Credit: Storyfile)A woman who died in June has...

How to get the Android 13 update on your Pixel right away

Google announced on August 15th, 2022, that it would begin rolling out the Android 13 update to its portfolio of Pixel devices. As is...

Windows 11’s next big update arrives next month with Start menu folders, new gestures, and more

Microsoft is planning to release its next big Windows 11 update, version 22H2, on September 20th. Sources familiar with Microsoft’s plans tell The Verge...