The crypto community had noticed an upsurge in fake job offers in recent months, and it seems that even the developers of Axie Infinity (AXS) were not spared. This is apparently what led to the hack of the platform last March, which allowed the attacker to walk away with $540 million.
Fake job offer lures Axie Infinity developer
According to information reported by The Block, the attackers created a fake company from scratch and contacted a senior engineer at Sky Mavis, the company that runs Axie Infinity, on LinkedIn. The fictitious offer included a particularly attractive salary. After an elaborate process, which consisted of a series of interviews and “tests,” the person had received a job offer, in the form of a PDF.
This was used to install a spyware that allowed the attack on Ronin, the blockchain on which Axie Infinity is built. The criminals were first able to seize four validation nodes, with a fifth needed to move funds. To obtain the latter, they went through Axie Infinity’s DAO, which had been asked to process a significant amount of transactions.
The criminals were therefore able to seize the last missing link and conduct their attack. The company lost $540 million in the attack.
An unfortunately common technique
Later, the case had been linked to the North Korean hacker group Lazarus, infamous for the number of large-scale attacks it has conducted in recent years. However, the security firm F-Secure had already pointed out this risk in 2020, mentioning Lazarus and North Korea directly.
The person who led to this hack no longer works for Sky Mavis. The fact remains that this event did not help Axie Infinity, which saw its volumes drop drastically, while the game used to generate considerable enthusiasm.
Today, Axie Infinity’s AXS token is trading at a price 90% lower than its historical high. This is of course a sign of the current context, but also of a certain loss of steam in the Play-to-Earn market. Will the former pet project of blockchain game enthusiasts manage to turn things around? That remains to be seen.
