In this malicious way, the crypto game Axie Infinity was hacked and more than half a billion dollars were stolen
Many cybersecurity professionals firmly believe that the most serious threats and vulnerabilities come from the human factor, not from the machine or the algorithm.
Through social engineering, hackers seek to find a vulnerability in the system by targeting employees and workers in the target’s internal environment.
This is how the Axie Infinity project was hacked:
The story begins when a senior engineer at Axie Infinity applied for an intriguing job at a fictitious company, an application that led to one of the biggest hacks in the crypto market.
Ronin, the Ethereum-linked sidechain that powers the play-to-earn game Axie Infinity, lost $540 million in cryptocurrency in March 2022.
While the US government later linked the incident to the North Korean hacker group Lazarus, full details of how the exploit was carried out were not revealed.
The Block reveals some previously unknown details.
The details to be presented were recounted by two individuals with direct knowledge of the matter, who were promised anonymity due to the sensitive nature of the incident.
Axie Infinity is one of the mega projects in its field.
The project was at its peak at the time of the hack, as it gave players in Southeast Asia the ability to make a living by playing for profit.
Axie Infinity boasted 2.7 million daily active users and $214 million in weekly trading volume for in-game NFTs in November of last year, and the numbers have fallen since then.
Earlier this year, developers at Sky Mavis, the company behind Axie Infinity, were contacted by people claiming to represent the fake company and encouraged to apply for jobs, according to people familiar with the matter.
One of the sources added that the approaches were made through the professional networking site LinkedIn.
After what one source described as multiple rounds of interviews, the Sky Mavis engineer was offered a job with a very generous salary.
The fake offer was delivered in the form of a PDF document, which the engineer downloaded, allowing spyware to infiltrate Ronin’s systems.
From there, the hackers were able to attack and take over four of the nine validators on the Ronin network, leaving them just short of complete control of the protocol.
In a blog post after the hack, published on April 27, Sky Mavis, the company behind Axie Infinity, said:
The employees were subjected to continuous advanced phishing attacks on different social channels and one of the employees was hacked.
This employee is no longer employed at Sky Mavis.
The attacker was able to take advantage of this access to hack Sky Mavis’ IT infrastructure and gain access to the validation nodes.
Validators perform various functions in blockchain networks, including creating transaction blocks and updating oracle data.
Ronin uses what’s called a proof of authority system to sign transactions, concentrating power in the hands of nine trusted actors.
An April blog post about the incident from blockchain analytics firm Elliptic explains:
Funds can be transferred if five of the nine auditors agree to them.
The attacker managed to obtain the private encryption keys of five validators, which was enough to steal the cryptocurrency.
After successfully infiltrating Ronin’s systems through a fake job advertisement, the hackers had control of only four out of nine validators, meaning they needed another in order to gain control.
In a post-incident report, Sky Mavis revealed that hackers were able to use Axie DAO (Decentralized Autonomous Organization) to complete the theft.
Sky Mavis asked the DAO to help deal with its heavy transaction load in November 2021.
Axie DAO had allowed Sky Mavis to sign several transactions on its behalf.
This was discontinued in December 2021, but the allowlist access was not revoked.
Sky Mavis said in the blog post:
Once the attackers had access to the Sky Mavis systems, they were then able to obtain the signature from the Axie DAO auditors.
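The quorum arithmetic described above (five of nine signatures, four validators inside one company's systems, plus an allowlist entry that outlived its purpose) can be checked mechanically. The following audit is an added example, not code from Sky Mavis or Ronin; the `Validator` and `Delegation` model, the function names and the "partner-N" operators are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Validator:
    name: str
    operator: str              # organisation whose systems can make this key sign

@dataclass(frozen=True)
class Delegation:
    grantor: str               # operator whose validator signs on request
    grantee: str               # operator allowed to request those signatures
    ended: Optional[str]       # when the arrangement stopped being used, if it did
    revoked: bool              # whether the allowlist entry was actually removed

def reachable_signatures(validators, delegations, operator):
    """Signatures obtainable by whoever controls one operator's systems."""
    reach = {operator}
    reach |= {d.grantor for d in delegations
              if d.grantee == operator and not d.revoked}
    return sum(1 for v in validators if v.operator in reach)

def audit(validators, delegations, threshold):
    """Return findings for stale allowlist entries and threshold-reaching operators."""
    findings = []
    for d in delegations:
        if d.ended and not d.revoked:
            findings.append(f"stale allowlist: {d.grantee} -> {d.grantor}, unused since {d.ended}")
    for op in sorted({v.operator for v in validators}):
        n = reachable_signatures(validators, delegations, op)
        if n >= threshold:
            findings.append(f"{op} alone reaches {n}/{len(validators)} signatures (threshold {threshold})")
    return findings

# Constructed layout matching the article's numbers: nine validators, five needed,
# four of them in Sky Mavis systems. The "partner-N" operators are placeholders.
THRESHOLD = 5
VALIDATORS = ([Validator(f"sm-{i}", "Sky Mavis") for i in range(1, 5)]
              + [Validator("dao-1", "Axie DAO")]
              + [Validator(f"p-{i}", f"partner-{i}") for i in range(1, 5)])
AS_FOUND = [Delegation("Axie DAO", "Sky Mavis", ended="2021-12", revoked=False)]
AS_FIXED = [Delegation("Axie DAO", "Sky Mavis", ended="2021-12", revoked=True)]

if __name__ == "__main__":
    for label, delegations in (("as found", AS_FOUND), ("revoked", AS_FIXED)):
        print(label, audit(VALIDATORS, delegations, THRESHOLD) or "no findings")
```

With the entry left in place, one operator's systems reach the five-signature threshold; with it revoked, the same compromise stops at four.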
A month after the hack, Sky Mavis increased the number of its validation nodes to 11, and said in the blog post that its long-term goal is to acquire more than 100 nodes.
Sky Mavis declined to comment on how the hack was carried out.
Earlier, ESET Research published an investigation showing that Lazarus hackers in North Korea abused the social networks LinkedIn and WhatsApp for their own ends.
Hacks of DeFi projects have accelerated rapidly this year, exceeding $2 billion in total lost funds, according to data from The Block Research.