Hackers Stole US$620 Million From Axie Infinity With Fake Job Interviews

Share post:

The crypto hack, in which the gaming platform Axie Infinity lost US$620 million worth of crypto, began with a fake job interview that one of the game’s developers engaged.

The attack took place in March and in April the FBI linked the attack to the Lazarus and APT38 hackers, both of whom are linked to the North Korean government.

According to sources familiar with the investigation, the attackers contacted Sky Mavis (the company behind the Axie Infinity game) staff via LinkedIn with the bogus intention of hiring them.

One of the senior developers of Axie showed interest in the job offer and received a PDF file pretending to be details of the job offer. The malicious document gave the attackers access into the Ronin systems.

The Ronin system is the Ethereum-linked sidechain that supports the Axie Infinity non-fungible token-based online video game.

The employee downloaded and opened the file on the company’s computer, triggering a chain of infection that allowed the hackers to break into Ronin’s systems and corrupt four token validators and an Axie Decentralized Autonomous Organization (DAO) validator.

The employee has been relieved of his position while the gaming platform works tirelessly to rebuild and refund players affected by the hack.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

AI surpasses human benchmarks in most areas: Stanford report

Stanford University’s Institute for Human-Centered Artificial Intelligence (HAI) has published the seventh annual issue of its AI Index...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways