Axie Infinity's $500m+ Hack Was Reportedly Caused by a Fake Job Offer

Zen Khurana
Updated On: 
<div class="paragraphs"><p>Axie Infinity Lost $500m Via A Fake Linkedin Job Listing</p></div>
Axie Infinity Lost $500m Via A Fake Linkedin Job Listing

Cover-Credits: 

Axie Infinity

Highlights
The hack that resulted in Axie Infinity losing about $540 million was socially engineered through a fake job offer
Hackers acted as a fake company to con a senior engineer into applying for a fake job and presented with an “extremely generous” fake compensation package delivered through a PDF.
The PDF was spiked with spyware, which allowed hackers to gain access to Ronin servers allowing them to siphon millions in cryptocurrency from Sky Mavis.

In March, Axie Infinity went from being one of the most promising blockchain games with players earning enough money to make a living to a prime example of what can go wrong with cryptocurrency technology if things aren’t handled deftly. The primary cause of this was a hack which saw Sky Mavis losing 173,600 Ethereum (about $591.2 million) from the Ethereum-linked Ronin sidechain powering the game.

A recent report by The Block has revealed the cause of this massive hack: A fake job offer on LinkedIn.

Fake job offer undos Axie Infinity

According to The Block which cited two anonymous sources with knowledge of the incident, multiple employees working for Sky Mavis were approached by hackers who were posing as job recruiters on Linkedin. When one senior engineer took the bait after attending multiple interviews, he was presented with an “extremely generous” fake compensation package.

This compensation package was delivered to him via a PDF file, which allowed spyware to infiltrate the Ronin servers and gain access to four out of the nine Ronin validator nodes, which left them just one short of taking over the network. They also used a separate organization named the Axie DAO (Decentralized Autonomous Organization) to gain access to the fifth node and obtain full control of Ronin.

They then drained Sky Mavis' treasury of Ethereum and USDC cryptocurrency, worth about $625 million at the time. This money is yet to be recovered from the hackers-who are suspected to be North Korean hacker group Lazarus by the U.S. government.

Sky Mavis has previously disclosed that the employee who compromised Sky Mavis’ IT infrastructure and the Ronin Validators was no longer working in the company.

Following the hack, Sky Mavis raised $150 million in April to reimburse players who lost money due to this exploit. The company has also restarted the Ronin bridge, with stricter security measures, which includes the addition of a circuit-breaker for large-scale transactions and an increase in the number of Ronin validator nodes, boosting it to 11.

Published On: 
author profile picture
Zen Khuranatwitter_link
Zen is a blockchain gaming writer for AFK Gaming. As an avid gamer since childhood, he is now focused on the booming blockchain gaming space.