North Korean hacker defeats Axie Infinity with a money attack

Lured by an offer of a generous salary, an engineer at Axie Infinity accidentally got into a file containing a hacker’s malicious code.

Axie Infinity is a monument of the Blockchain game village with leading the “money game” trend and at one time owning up to 2.7 million daily active users. But this monument was demolished in March after a hack that stole more than 625 million USD worth of cryptocurrency at the time.

Recently, an important report has shown how hackers have knocked down the monument of the Blockchain gaming village.

As reported by The Block, hackers broke into the systems of Sky Mavis – the company behind the Axie Infinity game by sending a file filled with malicious software to employees.

The report indicates that, through the job-sharing social network Linked, the hacker sent an offer with an attractive salary for a Sky Mavis engineer. This person thought he was being solicited by another company and opened the PDF file sent by the hacker. However, that job did not exist.

After the attack, along with the reversal of the cryptocurrency market, the number of Axie Infinity players plummeted.

In a post after the incident, Sky Mavis once said that the employees of this company were repeatedly attacked by scammers on different social media channels. One of them has become a victim of hackers. The attacker then used this account’s access to infiltrate Sky Mavis’ IT infrastructure and gain control of the validator nodes.

The US Federal Bureau of Investigation (FBI) previously confirmed that Lazarus Group was the hacker group responsible for the attack on the Ronin network. This is the sidechain of Axie Infinity – a Blockchain game developed by Vietnamese people.

The Lazarus hacker group is known by many different names such as APPLEWORM, APT-C-26, GROUP 77, GUARDIANS OF PEACE, HIDDEN COBRA, OFFICE 91, RED DOT… and is believed to have ties to North Korea. .

Park Jin Hyok – a rare member of Lazarus, was exposed for the 2016 attack on the Central Bank of Bangladesh.

The Lazarus Group is a cybercriminal group formed from an unknown number of individuals. Although not much is known about Lazarus, this hacker group has repeatedly been responsible for cyber attacks over the past decade.

In its history of operations, the most notable attack that Lazarus ever carried out was the one involving Sony Pictures that took place in 2014.

In the latest move, Axie Infinity has just allowed Axie Infinity players to deposit and withdraw money from their game accounts by reopening the Ronin Bridge. This bridge has been temporarily closed since March, right after the biggest hack in DeFi history with a value of 625 million USD. This startup also said that it will refund the money that users have lost.

Trong Dat


Leave a Reply

Your email address will not be published. Required fields are marked *