An elaborate scam involving fake LinkedIn job offers is said to have been involved in the hack of the AxieInfinity. Two sources with knowledge of the incident were cited by the Block. There is a new aspect to one of the biggest Defi hacks.
Sky Mavis' employees were targeted by the North Korean group Lazarus. When employees accepted the bait, they proceeded with multiple rounds of fake job interviews and an extremely generous fake compensation package. The con culminated in one senior engineer clicking a PDF supposedly containing the official offer, at which point the engineer's computer was compromised by hackers.
A malicious PDF let hackers compromise the entire financial system
Sky Mavis disclosed that the hackers took control of a fifth node from the Axie DAO thanks to a decision to sign transactions during a particularly busy period in November. The equivalent of $625 million was drained from the Sky Mavis treasury after they drained the ether andUSDCcryptocurrencies. It is close to $225 million following a recent crash. A week after the hack, the company noticed it. The exact mechanism of the hack was not explained in the earlier post-mortem.
Some players make a full-time living off the real-money economy of their game, which was once seen as an example of the success of "play to earn" games. Sky Mavis has spent the past months recovering from the breach after the value of its token plummeted. Last week, it raised $150 million to reimburse players and reopen transactions on its bridge. I bought three non-fungible token or NFTs to play and report on the game. Additional security measures were put in place. At the same time, it has launched a second game called Axie Infinity Origins, which attempts to shift away from being known as a money-making endeavor rather than a game that is enjoyed.