blockisthenewchain.com
  • Home
  • Cybersecurity
    • All
    • Corporate Security
    • Data Security
    • System security
    • Web Security
    edge computing

    How important is Edge Computing Security?

    Enhance Smart Cybersecurity

    Three Cognitive Technologies to Enhance Smart Cybersecurity

    phishing_result

    An 11-fold increase in phishing attacks exploiting SaaS platforms

    phishing attacks exploiting saas

    A Simple Guide to Manually Renewing an SSL Certificate

    Protecting Your WordPress Site

    6 Tips for Protecting Your WordPress Site

    Secure SSH Server

    8 Ways to Secure SSH Server Connections on Linux

    Trending Tags

    • Vulnerability
    • IoT-Security
    • Metaverse
    • Application Security
    • Cloud-Security
  • Hacking stories
    • All
    • Apps Hacking stories
    • Exchange Hacking stories
    protect your smart home

    How to protect your Smart Home from hackers

    Hacking Anonymous

    6 ways the hacker group Anonymous is waging cyber-war against Russia

    Investment scammers

    Investment scammers target dating app users

    Axie-Infinity-AXS-Metaverse

    Hacking Story: How a fake job offer took down the world’s most popular crypto game?

    Trending Tags

    • Artificial-Intelligence
    • website security
    • Deep-Learning
    • Hacker-Attack-and-Defense
  • News
    • All
    • Business
    • Crypto News
    • Cybersecurity News
    • World News
    Vitalik-meta

    Meta’s metaverse is doomed, says Vitalik Buterin

    Tiner metaverse

    Tinder puts its metaverse and digital currency project on hold

    bernard arnault

    Bernard Arnault’s investment fund will invest 100 million euros in Web3

    invest in cybersecurity startup

    How can VCs invest in cybersecurity startups in challenging times?

    Venture-Capital-decline

    Cybersecurity Venture Capital Investments: Severe Decline in Q2 2022

    SaaS Security Certification

    A Comprehensive Guide to SaaS Security Certification

    Trending Tags

    • WEB3
    • DEFI
    • Crypto
    • Blockchain
    • Data Security
  • Blockchain
    • All
    • Cryptocurrency
    • Metaverse
    • NFT
    • Trends and DEFI
    • Web3
    blockchain API

    Excellent blockchain API for developers

    The next generation of blockchains

    The next generation of blockchains – cross-chain interoperability

    massa-autonomous-smart-contracts

    Can autonomous smart contracts be the future of blockchain technology?

    blockchain-Blockisthenewchain

    Blockchain Basics – What is Blockchain Technology

    metaverse-cloud

    How will the metaverse affect cloud security?

    What is MetaMask

    What is MetaMask? And is it safe to use?

  • Startups
  • Login
No Result
View All Result
  • Home
  • Cybersecurity
    • All
    • Corporate Security
    • Data Security
    • System security
    • Web Security
    edge computing

    How important is Edge Computing Security?

    Enhance Smart Cybersecurity

    Three Cognitive Technologies to Enhance Smart Cybersecurity

    phishing_result

    An 11-fold increase in phishing attacks exploiting SaaS platforms

    phishing attacks exploiting saas

    A Simple Guide to Manually Renewing an SSL Certificate

    Protecting Your WordPress Site

    6 Tips for Protecting Your WordPress Site

    Secure SSH Server

    8 Ways to Secure SSH Server Connections on Linux

    Trending Tags

    • Vulnerability
    • IoT-Security
    • Metaverse
    • Application Security
    • Cloud-Security
  • Hacking stories
    • All
    • Apps Hacking stories
    • Exchange Hacking stories
    protect your smart home

    How to protect your Smart Home from hackers

    Hacking Anonymous

    6 ways the hacker group Anonymous is waging cyber-war against Russia

    Investment scammers

    Investment scammers target dating app users

    Axie-Infinity-AXS-Metaverse

    Hacking Story: How a fake job offer took down the world’s most popular crypto game?

    Trending Tags

    • Artificial-Intelligence
    • website security
    • Deep-Learning
    • Hacker-Attack-and-Defense
  • News
    • All
    • Business
    • Crypto News
    • Cybersecurity News
    • World News
    Vitalik-meta

    Meta’s metaverse is doomed, says Vitalik Buterin

    Tiner metaverse

    Tinder puts its metaverse and digital currency project on hold

    bernard arnault

    Bernard Arnault’s investment fund will invest 100 million euros in Web3

    invest in cybersecurity startup

    How can VCs invest in cybersecurity startups in challenging times?

    Venture-Capital-decline

    Cybersecurity Venture Capital Investments: Severe Decline in Q2 2022

    SaaS Security Certification

    A Comprehensive Guide to SaaS Security Certification

    Trending Tags

    • WEB3
    • DEFI
    • Crypto
    • Blockchain
    • Data Security
  • Blockchain
    • All
    • Cryptocurrency
    • Metaverse
    • NFT
    • Trends and DEFI
    • Web3
    blockchain API

    Excellent blockchain API for developers

    The next generation of blockchains

    The next generation of blockchains – cross-chain interoperability

    massa-autonomous-smart-contracts

    Can autonomous smart contracts be the future of blockchain technology?

    blockchain-Blockisthenewchain

    Blockchain Basics – What is Blockchain Technology

    metaverse-cloud

    How will the metaverse affect cloud security?

    What is MetaMask

    What is MetaMask? And is it safe to use?

  • Startups
No Result
View All Result
blockisthenewchain.com
No Result
View All Result
Home Blockchain Web3

Hacking Story: How a fake job offer took down the world’s most popular crypto game?

Hackers duped a senior engineer at Axie Infinity into applying for a job at a fictitious company. The scheme resulted in the loss of $540 million in crypto earlier this year. Details of how the hack was carried out are being reported for the first time by The Block is The New Chain

BlockIsTheNewChain by BlockIsTheNewChain
August 3, 2022
in Hacking stories, Apps Hacking stories, Exchange Hacking stories
455 5
1
Axie-Infinity-AXS-Metaverse
31
SHARES
1.5k
VIEWS
Share on TwitterShare on LinkedinShare on FacebookShare on Telegram

Few job applications in the world have been more compelling than a senior engineer at Axie Infinity who was interested in joining a company that turned out to be a fictional company that led to one of the biggest hacks in the crypto industry.  

Ronin, the Ethereum sidechain exclusive to chain game Axie Infinity, lost $540 million in cryptocurrency in a March hack. While the U.S. government later linked the incident to the North Korean hacking group Lazarus, full details on how the exploit was executed have not been disclosed.

According to The Block, the incident was linked to a fake job advertisement. 

Earlier this year, employees at Axie Infinity developer Sky Mavis were contacted via LinkedIn by a person claiming to represent the fake company and encouraged them to apply for jobs, two people familiar with the matter said on condition of anonymity. After several rounds of interviews, an engineer at Sky Mavis was offered a very well-paying job.

The engineer then received a fake “Offer” acceptance letter presented as a PDF document, which the engineer downloaded — allowing hacking software to infiltrate Ronin’s system. From there, hackers were able to attack and take over four of the nine validators on the Ronin network, leaving just one validator without full control.

In a post-mortem blog post about the hack, published on April 27, Sky Mavis said: “Employees have been subject to advanced phishing attacks across various social channels, and one employee has been compromised. The employee is no longer at Sky Mavis. Attackers managed to exploit this access to infiltrate the Sky Mavis IT infrastructure and gain access to validating nodes.”

Validators perform various functions in the blockchain, including creating blocks of transactions and updating data oracles. Ronin uses a so-called “proof-of-authority” system to sign transactions, centralizing power in the hands of nine trusted validators.

“If five of the nine validators approve, the funds can be transferred out,” blockchain analytics firm Elliptic explained in a blog post on the incident in April. The attackers managed to gain access to five validators private key, which is enough to steal crypto assets.”

But after successfully infiltrating Ronin’s systems through fake job advertisements, the hackers took control of only four of the nine validators — meaning they needed another validator to take control.

In its post-mortem report, Sky Mavis revealed that the hackers managed to use Axie DAO, an organization set up to support the gaming ecosystem, to complete the attack. Sky Mavis had asked the DAO to help handle the heavy transaction load in November 2021.

“The Axie DAO allows Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the permission list access has not been revoked,” Sky Mavis said in a blog post. “Once the attackers gained access to the Sky Mavis system, they were able to obtain signatures from the Axie DAO validator.”

A month after the hack, Sky Mavis increased its number of validators to 11, and said in a blog post that its long-term goal is to have more than 100.

Sky Mavis declined to comment on how the hack was carried out. LinkedIn also did not respond to The Block’s request for comment.

Sky Mavis raised $150 million in a funding round led by Binance in early April. The financing will be used along with the company’s own funds to compensate users affected by the attack. The company recently said it will begin returning funds to users on June 28. Ronin’s ethereum bridge also restarted last week after it came to an abrupt halt at the time of the hack.

Earlier today, ESET Research published an investigation showing North Korea’s Lazarus abusing LinkedIn and WhatsApp to target aerospace and defense contractors. But the report did not link the technology to the Sky Mavis hack.

In addition, in April this year, the security agency SlowMist issued a security reminder that the  North Korean APT organization Lazarus Group used a series of malicious applications to conduct targeted APT attacks against the digital currency industry, including:

  1. The hacker group fully adopts the principles of social engineering and plays a role in major social media (social media includes Twitter, Facebook, LinkedIn, etc.)
  2. Chat with blockchain industry developers, get close, in order to implement the next actions.
  3. In order to “close up” with the developers, the hacker group even established its own trading website, and through this very normal-looking website, it used the pretense of recruiting outsourced employees.
  4. Take the opportunity to defraud the trust of developers, and then send relevant malware for phishing attacks. (Send DMG /EXE Trojan)

In response to this incident, SlowMist gives the following preventive suggestions:

  1. It is recommended that industry practitioners pay attention to the security information of major threat platforms at home and abroad at any time, do a good job in self-examination, and be vigilant.
  2. Before the developer runs the executable program, do the necessary security checks.
  3. Do a good job of zero trust mechanism, which can effectively reduce the risk brought by such threats.
  4. It is recommended that users running on a Mac/Windows machine keep real-time protection of security software turned on, and update the latest virus database at any time.
Tags: BlockchainCloud-SecurityCryptoData SecurityDeep-LearningMetaverse

Related Posts

protect your smart home
Hacking stories

How to protect your Smart Home from hackers

by BlockIsTheNewChain
September 4, 2022

Nowadays, many people have a lot of smart home devices in their homes. Maybe you have a lot of questions...

Read more
Hacking Anonymous

6 ways the hacker group Anonymous is waging cyber-war against Russia

September 4, 2022
Investment scammers

Investment scammers target dating app users

August 3, 2022

Comments 1

  1. Rodriguez says:
    8 months ago

    Great story

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

  • Vulnerability Scanning

    The most popular Web vulnerability scanning tools

    36 shares
    Share 14 Tweet 9
  • Excellent blockchain API for developers

    29 shares
    Share 12 Tweet 7
  • 6 ways the hacker group Anonymous is waging cyber-war against Russia

    31 shares
    Share 12 Tweet 8
  • Blockchain Basics – What is Blockchain Technology

    28 shares
    Share 11 Tweet 7
  • Can autonomous smart contracts be the future of blockchain technology?

    28 shares
    Share 11 Tweet 7

  • About
  • terms-and-conditions
  • Privacy & Policy
  • Contact

© 2022 Blockisthenewchain - The latest Blockchain, Cybersecurity News, and Startup Reviews by BLOCKisthenewCHAIN.

No Result
View All Result
  • Home
  • Cybersecurity
  • Hacking stories
  • News
  • Blockchain
  • Startups

© 2022 Blockisthenewchain - The latest Blockchain, Cybersecurity News, and Startup Reviews by BLOCKisthenewCHAIN.

Welcome Back!

Sign In with Facebook
Sign In with Google
OR

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.