Axie Infinity Hack Committed Via Fake LinkedIn Posts And DAO Permissions

Axie Infinity’s Ronin bridge hack started with a fake LinkedIn job offer, close sources to the incident say. According to the US government, the culprit was Lazarus Group, a North Korean group of hackers. Now, Axie Infinity is still trying to recover from the incident that led to a $625M loss.

image of an Axie Infinity NFT character

The NFT community learns how hackers used LinkedIn for the historic Axie Infinity hack. Credit: Twitter

How did the Axie Infinity hack happen?

On March 29th, Axie Infinity’s developer Sky Mavis revealed that hackers had stolen $625M via their Ronin bridge. To this day, it’s one of the biggest hacks involving an NFT project.

It was only this week that we found out more about how the Axie Infinity hack actually happened. Accordingly, the mysterious hacking group contacted multiple Sky Mavis employees via LinkedIn. To clarify, the hackers created a fake company account to get in touch with the employees.

The phishing scheme continued with a series of fake job interviews. Surprisingly, hackers even pretended to offer an “extremely generous” compensation package to attract the employees even more.

At last, each Sky Mavis employee received a PDF file that allegedly revealed the fake company’s “job offer”. In fact, the file allowed hackers to enter the employees’ computers. As a result, four of the 9 validators of the Ronin Network were hacked – and the rest is history.

image of a hacker stealing a digital file

The hackers behind the Ronin Bridge attack are a North Korean group, US officials say. Credit: FreePik

Who are the real hackers?

The US Department of Treasury and the FBI blamed Lazarus Group for the Axie Infinity hack. Lazarus Group is a North Korean group of hackers.

The group took part in seven similar incidents in 2021. In fact, they gained notoriety after hacking Sony Pictures back in 2014.

Should Lazarus Group be found guilty, the Axie Infinity Ronin bridge hack is among the group’s biggest heists to date. For now, though, Sky Mavis is pushing forward with getting Axie Infinity back on track.

screenshot of a Ronin Bridge opening message via Twitter

Axie Infinity’s Ronin Bridge reopened last week after months of work caused by the hack. Credit: Twitter

What is Axie Infinity up to right now?

It’s been a tough season for Axie Infinity, to say the least. Besides the Ronin bridge hack, the game’s token value dropped due to the bear market.

However, Sky Mavis ended June on a positive note by opening the Ronin bridge again. Therefore, players can make transactions again after months of waiting.

Of course, Sky Mavis took extra measures to protect its users from other hacking incidents. For example, the group offered a bug bounty to spot any potential vulnerabilities in its systems.

All in all, Axie Infinity – once the most popular P2E NFT-powered game in the world – will likely thrive despite a tough season.

Related posts