The hacker's tricks in the Axie Infinity case

Hackers created a ghost company and lured a Sky Mavis engineer through a fake recruitment process, getting him to download a file containing malicious code and thereby infiltrating the system.

In April, Sky Mavis, the developer of the game Axie Infinity and the Ronin blockchain, announced the results of an investigation into the theft of more than 600 million USD in cryptocurrencies. Hackers had repeatedly targeted the company's employees. One of them fell for the attack and was used by the hackers to break into Sky Mavis's infrastructure and gain control of the validator nodes.

Sky Mavis did not detail the method of fraud, other than emphasizing that it was a form of "spear phishing", a targeted attack aimed at a specific, well-researched victim. However, the hackers' tricks were revealed by The Block, citing two people said to be knowledgeable about the case.

Specifically, the hacker group created a ghost company, then took many steps to approach and gain the trust of an employee at Sky Mavis. The scam was carried out through the professional social network LinkedIn.

From the beginning of the year, this ghost company approached an engineer on the Axie Infinity project and encouraged him to apply for a job. After many rounds of interviews, conducted like those of a real company, the engineer was offered a job with the promise of a high salary.

The job offer was sent as a PDF file. Because of the earlier exchanges, the engineer trusted the sender and downloaded and opened the file, allowing spyware to penetrate the computer and Ronin's system. Through this opening, the hackers carried out the biggest ever crypto theft in the DeFi world.

Both Sky Mavis and LinkedIn declined to comment on the above information.

Graphics from the game Axie Infinity. Photo: Sky Mavis

The attack took place while Axie Infinity was one of the largest blockchain gaming projects in the world. Last November, the game had 2.7 million daily active users, and weekly NFT trading volume reached 214 million USD. Many people around the world make a living playing Axie Infinity full time.

The hack on the Ronin bridge is one of the largest crypto hacks in the world. After infiltrating Ronin's system, the attackers took control of 5/9 validator nodes, made transactions and took away 173,600 Ethereum and 25.5 million USDC. At the time of the theft, this amount was equivalent to more than 600 million USD.

At the end of June, Sky Mavis said it had reopened the Ronin bridge and returned to users the digital currency lost in the hack.
