How did a Fake LinkedIn Job Offer Collapse Axie Infinity’s Economy?
Recently, Axie Infinity was elaborately hacked via a LinkedIn job offer. As vague as it may sound, the incident is genuine and serves as an example of good old social engineering.
‘Top of the world’ to Major Collapse
In August 2021, Axie Infinity was on top of the world as the ‘prime example of crypto gaming’. The play-to-earn game was generating developer Sky Mavis over $ 15 million in revenue each day. In fact, several players in Southeast Asia were earning enough cryptocurrency to sustain their livelihood. 11 months later, the price of Axie NFTs and the game’s ‘Smooth Love Potion’ cryptocurrency collapsed. The major reason behind the collapse that resulted in Axie losing over half a billion dollars is a mere LinkedIn job offer.
As reported by The Block, a hacker managed to exploit the Ronin blockchain used by Axie Infinity. The hacker stole $620Million worth of crypto. Previously, Sky Mavis had said it was achieved through a phishing scheme, and the US government said Lazarus, a North Korea-backed outfit, was behind the heist. According to a report from The Block, it was revealed that the hack was socially engineered via a fake job offer.
The fake LinkedIn job offer
A senior Sky Mavis engineer was targeted by ‘recruiters’ on LinkedIn who hoped to sign him to their company citing sources familiar with the matter. The recruiting process involved several interviews and when employees took the bait, they proceeded with multiple rounds of fake job interviews and then an “extremely generous” fake compensation package. The process ended with a job offer, which was sent via PDF. However, the company did not exist and the PDF was laced with spyware.
Sky Mavis disclosed previously that the hackers took control of a fifth node from the theoretically decentralized Axie DAO—owing to a decision to let Sky Mavis sign transactions during a particularly busy period in November 2021. After the signing, hackers drained the Ethereum and USDC cryptocurrency that backed Sky Mavis’ treasury, the equivalent of about $625 million at the time.
The company noticed the hack a week after it occurred in March. In its earlier post-mortem, it blamed “advanced spear-phishing attacks” that compromised an employee who no longer worked at Sky Mavis. However, it did not explain the exact mechanism of the hack.
Axie Infinity was, once, regarded as a model of success for “play to earn” games. However, the value of its tokens plummeted as a result of the larger crypto crash, and Sky Mavis has spent months recovering from the breach. In the previous week, it reopened transactions on its Ronin bridge after raising $150 million in funding to help reimburse players. It also added new security measures to prevent future hacks. Meanwhile, it has released a second game, Axie Infinity Origins, in an attempt to shift away from being known as a money-making venture and toward a game that is played for fun.
Ronin is a Proof-of-Authority blockchain—which implies hand-picked validators control the network. Axie Infinity had nine validators at the time of the hack. A bad actor needed to take control of five of the nine validators to take control of Ronin and to gain complete control of the bitcoin blockchain—which employs Proof-of-Work—a bad actor would require 51 percent of the electricity consumed by all bitcoin miners worldwide. While bitcoin is designed to be secure at all costs, Ronin’s sole purpose was to provide Axie Infinity players with cheap, quick transactions.
Anwesha has been a creative writer for a while. Currently, on her pursuit of tech writing, she is diving into the realms of technology to produce better content on the forever-changing world of technology. In her free time, you’ll find her humming tunes of her favourite shows or reading a book.