Axie Infinity – a famous NFT game hacked with just a PDF file, the culprit is a group of North Korean hackers.
A game similar to the Pokémon NFT “Axie Infinity” has long been famous for being able to let players profit by buying/selling through the NFT blockchains contained in the game. Now, according to a new report from The Block, we know what made a security breach of this magnitude possible: a sophisticated social networking scam on LinkedIn. sounds like a deleted episode of Mr.Robot.
Recently, details of a hacker attack on the blockchain of the popular NFT game Axie Infinity have been published. Accordingly, the hacker attacked the game’s system through a job scam campaign on LinkedIn. Axie Infinity is a game of Sky Mavis company founded by Vietnamese people.
According to The Block, the US government has confirmed that North Korea’s Lazarus hacker group is the culprit behind the attack on Axie Infinity. The trick of this hacker group is to create fake job postings on LinkedIn targeting Sky Mavis employees. Next, they conduct mock interviews and offer an extremely generous compensation package if employees quit their job at Sky Mavis to work for them.
Finally, they close by sending a PDF file that is described as the official offer. This PDF file contains malicious code and when Sky Mavis employees click on it, hackers will get into their computers. The hacker then scoured Sky Mavis’ network and got his hands on four of the nine nodes used to validate financial transactions on Sky Mavis’ Ronin blockchain.
Previously, Sky Mavis revealed that the hacker had theoretically gained control of the fifth node from the decentralized Axie DAO thanks to the decision to allow Sky Mavis to sign transactions during a particularly busy time last November. .
This attack cost Sky Mavis about 625 million USD and became the largest virtual currency hack in the world at that time. Over the past few months, Sky Mavis has focused a lot of efforts on recovery. They have now raised $150 million to refund players and reopen transactions on the Ronin bridge.
This is the largest cryptocurrency hack in history. Before that, the biggest hack was $611 million stolen from Poly Network in August 2021.
See also: Discovered: Dinosaur embryo is completely intact inside a fossil egg