Report Suggests Elaborate Linkedin Job Offer Took Down Axie Infinity
A staff was enticed to download a “job offer” in PDF, which contains spyware that made their way to Ronin Bridge, leading to the hack.
Months after the considered greatest crypto heist, “two people with direct knowledge of the matter” revealed to news site The Block that a fake job ad was what triggered the Ronin hack that led to play-to-earn game Axie Infinity suffering an exploit of 173,600 Ethereum (ETH) and 25.5 million USD Coin (USDC) which was worth a combined $625 million at that time.
On March 29th, developer Sky Mavis discovered the hack which happened on March 23— nearly a week earlier—and reported that they had suffered an exploit on their systems which led to the shutdown of its sidechain Ronin bridge and decentralized exchange Katana.
On April 15th, the FBI reported that North Korean hacking group Lazarus is behind the attack on the Ronin Network. However, the investigators didn’t expose how the attackers did the heist.
In a report from The Block citing “two people with direct knowledge of the matter,” the hackers deceived a senior engineer at Sky Mavis into applying for a job at a fictitious company. The staff member was approached by individuals claiming to represent a fake company and was encouraged to apply for jobs through professional networking site LinkedIn.
Moreover, the sources said that the engineer was enticed with a job offering an exceptionally generous compensation package. The “offer” was then sent in a PDF document, which the engineer downloaded — allowing spyware to slip into Ronin’s systems. The attackers exploited four out of the nine validators— five signatures are required to authorizer withdrawals and is meant to protect against these types of attacks
In a blog post, Sky Mavis revealed that the hackers managed to use the Axie DAO (Decentralized Autonomous Organization), a group set up to support the gaming ecosystem, to succeed in their attack. “The attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”
To prevent this from happening again, Axie Infinity added five new validators to further strengthen their network’s security. Sky Mavis also offered a bug bounty for hackers who can identify “extraordinarily severe” vulnerabilities in its ecosystem. (Read more: Who are the 5 New Axie Infinity Ronin Validators?)
Moreover, a few weeks after the attack Axie Infinity immediately raised $150 million (₱8,.3 billion as of writing) to fund the reimbursement for Axie Infinity players and users affected by the Ronin hack. (Read more: Axie Infinity Ronin Hack: Sky Mavis Raises $150M from Binance, Animoca to Reimburse Hack Victims)
Three months after the attack, the Ronin bridge was reopened– which will require all validators to update their software– and Sky Mavis announced that the Ronin Bridge is set to be “redesigned” and underwent a security upgrade and several audits. (Read more: Axie Infinity’s Ronin Bridge Reopens)
The game is also definitely back on its track and announced that they will launch three esports tournaments that will take place leading up to, and at, AxieCon, a physical gathering of the Axie Infinity community in Barcelona Spain from September 7-10, 2022. The developers revealed that they will commit $1 Million in prizes for these series of esports tournaments. (Read more: Axie Infinity To Kick Off AxieCon with 3 Tournaments with a Prize Pool of One Million Dollars)
Recently, Axie Infinity also announced that it collaborated with online education platform Nas Academy and revealed the launch of Axie Creator Academy, a fully-funded course for creators to participate in. The program is designed specifically for the popular blockchain game. Sky Mavis noted that the Creator Academy is separate but complementary to the Axie Creator Program, a framework that is designed to identify and support contributors who are impactful to the Axie ecosystem.
Lastly, in the Philippines where a large number of Axie Infinity players are located, the first official Axie Infinity meetup in the country was concluded last June 14. A day prior to the event the tickets were sold out in 8 minutes. The event was graced by well-known personalities from Axie Infinity representatives and Filipino Community such as Sky Mavis’ Program Lead Zyori, Latin America Lead Lima and Philippine Lead Nix. (Read more: [Recap] AxiePH Meetup: Axie Infinity Plans to Spend Its Second Bear Market Building Alongside its Fans)
This article is published on BitPinas: Report Suggests Elaborate Linkedin Job Offer Took Down Axie Infinity
Disclaimer: BitPinas articles and its external content are not financial advice. The team serves to deliver independent, unbiased news to provide information for Philippine-crypto and beyond.
