Crypto Opinions & News How a Fake Job Offer Took Down the World’s Most Popular Crypto Game

Disclaimer: Any information contained on this forum is provided as general market commentary, and does not constitute investment, financial, trading or other sort of advice.

upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
  • Hackers duped a senior engineer at Axie Infinity into applying for a job at a fictitious company.
  • The scheme resulted in the loss of $540 million in crypto earlier this year.
  • Details of how the hack was carried out are being reported for the first time by The Block.
Rarely has a job application backfired more spectacularly than in the case of one senior engineer at Axie Infinity, whose interest in joining what turned out to be a fictitious company led to one of the crypto sector’s biggest hacks. Ronin, the Ethereum-linked sidechain that underpins play-to-earn game Axie Infinity, lost $540 million in crypto to an exploit in March. While the US government later tied the incident to North Korean hacking group Lazarus, full details of how the exploit was carried out have not been disclosed. The Block can now reveal that a fake job ad was Ronin’s undoing.
Click to expand...
Axie Infinity was huge. At its peak, workers in Southeast Asia were even able to earn a living through the play-to-earn game. It boasted 2.7 million daily active users and $214 million in weekly trading volume for its in-game NFTs in November last year — although both numbers have since plummeted. Earlier this year, staff at Axie Infinity developer Sky Mavis were approached by people purporting to represent the fake company and encouraged to apply for jobs, according to the people familiar with the matter. One source added that the approaches were made through the professional networking site LinkedIn. After what one source described as multiple rounds of interviews, a Sky Mavis engineer was offered a job with an extremely generous compensation package.

The fake “offer” was delivered in the form of a PDF document, which the engineer downloaded — allowing spyware to infiltrate Ronin’s systems. From there, hackers were able to attack and take over four out of nine validators on the Ronin network — leaving them just one validator short of total control.
Click to expand...
Full source:

 
  • Like
Reactions: Gandalf_The_Grey, Vasudev and harlan4096

Similar threads

upnorth
    • Applause
    • Like
Crypto Opinions & News Norway finds a way to Recover Crypto North Korea pinched in Axie Heist
Replies
1
Views
413
Crypto News
MuzzMelbourne
MuzzMelbourne
vtqhtr413
    • Like
Crypto Opinions & News How cybercriminals launder dirty crypto
Replies
9
Views
695
Crypto News
Zero Knowledge
Z
vtqhtr413
    • Like
    • HaHa
Crypto Opinions & News Hacker spins up 1 million virtual servers to mine crypto
Replies
1
Views
373
Crypto News
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top