Bảo mậtCông nghệSố hóa

Hackers attacked Axie Infinity through ex-employees

Hackers have hacked a Sky Mavis employee, thereby infiltrating the system to perform a $600 million hack.

Details attack to the network has just been announced by Ronin Network, nearly a month after the problem was discovered. Specifically, an employee of Sky Mavis – game developer Axie Infinity and Ronin Blockchain – fell victim to a spear phishing scam.

Unlike mass phishing, “spear phishing” is a targeted attack, targeting a specific and well-researched target. According to security firm Trendmicro, attackers may be able to conduct measures such as spying, gathering information of the target through activities outside the office, on social networks to look for attack opportunities.

Photo: BeInCrypto

Image: BeInCrypto

“Sky Mavis employees were repeatedly subjected to phishing attacks on various social channels and one of them was compromised,” Sky Mavis said. This employee is no longer working at the company. The attacker then took advantage of employee access to infiltrate Sky Mavis’ infrastructure and obtain authentication nodes.

The company then had control of only 4/9 validator nodes and was theoretically unable to make withdrawals. However, from entering the system, the attacker discovered a backdoor and found another validator node that was managed by the Axie DAO decentralized organization.

In November 2021, when the number of users Axie Infintiy Due to strong growth, the company asked for help from the Axie DAO to distribute free and agreed transactions. “This was discontinued in December 2021, however access to the whitelist has not been revoked,” the company further explained.

With control of 5/9 validator nodes, the attacker made two transfers, taking away 173,600 Ethereum and 25.5 million USDC from the Ronin bridge. The total amount of damage was equivalent to 615 million USD and became one of the largest cryptocurrency hacks ever.

According to Sky Mavis, after the incident, the company has taken measures to strengthen the security of both the system and internal processes. The number of validator nodes Ronin Network is currently upgraded from 9 to 11. The company confirmed that it will increase to 21 validating nodes in the next three months, and the long-term goal is more than 100 nodes. Employees will use their own devices for work to reduce risk.

In addition, Sky Mavis aims to become a Zero-Trust organization, which always assumes that it can be attacked against threats from inside and outside. All connections will then need to be verified and authorized. The company is upgrading contracts on the Ronin bridge and has completed 80% of the work, before reopening next May. Show deposit and withdrawal Axie Infinity made temporarily through Binance exchange. This exchange said it has recovered about $5.8 million transferred by hackers, and supported to raise $150 million to fund the project. Axie Infinity solve the problem.

Meanwhile, as of April 27, the hacker group has switch to Tornado Cash tool more than 135 million USD to launder money. More than 340 million USD has also been transferred to many different wallets to prepare for the dispersal process.

Luu Quy

You are reading the article Hackers attacked Axie Infinity through ex-employees
at Blogtuan.info – Source: vnexpress.net – Read the original article here

Back to top button