https://www.theblock.co/post/156038/how-a-fake-job-offer-took-down-the-worlds-most-popular-crypto-game
How a fake job offer took down the world's most popular crypto game

by Ryan Weeks
July 6, 2022, 10:05AM EDT

Quick Take

* Hackers duped a senior engineer at Axie Infinity into applying for a job at a fictitious company.
* The scheme resulted in the loss of $540 million in crypto earlier this year.
* Details of how the hack was carried out are being reported for the first time by The Block.

Rarely has a job application backfired more spectacularly than in the case of one senior engineer at Axie Infinity, whose interest in joining what turned out to be a fictitious company led to one of the crypto sector's biggest hacks.

Ronin, the Ethereum-linked sidechain that underpins play-to-earn game Axie Infinity, lost $540 million in crypto to an exploit in March. While the US government later tied the incident to North Korean hacking group Lazarus, full details of how the exploit was carried out have not been disclosed.

The Block can now reveal that a fake job ad was Ronin's undoing.

According to two people with direct knowledge of the matter, who were granted anonymity due to the sensitive nature of the incident, a senior engineer at Axie Infinity was duped into applying for a job at a company that, in reality, did not exist.

Axie Infinity was huge. At its peak, workers in Southeast Asia were even able to earn a living through the play-to-earn game. It boasted 2.7 million daily active users and $214 million in weekly trading volume for its in-game NFTs in November last year -- although both numbers have since plummeted.

Earlier this year, staff at Axie Infinity developer Sky Mavis were approached by people purporting to represent the fake company and encouraged to apply for jobs, according to the people familiar with the matter. One source added that the approaches were made through the professional networking site LinkedIn.

After what one source described as multiple rounds of interviews, a Sky Mavis engineer was offered a job with an extremely generous compensation package.

The fake "offer" was delivered in the form of a PDF document, which the engineer downloaded -- allowing spyware to infiltrate Ronin's systems.
From there, hackers were able to attack and take over four out of nine validators on the Ronin network -- leaving them just one validator short of total control.

In a post-mortem blog post on the hack, published April 27, Sky Mavis said: "Employees are under constant advanced spear-phishing attacks on various social channels and one employee was compromised. This employee no longer works at Sky Mavis. The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes."

Validators fulfill various functions in blockchains, including the creation of transaction blocks and the updating of data oracles. Ronin uses a so-called "proof of authority" system for signing transactions, concentrating power in the hands of nine trusted actors.

An April blog post on the incident from blockchain analysis firm Elliptic explains: "Funds can be moved out if five of the nine validators approve it. The attacker managed to get hold of the private cryptographic keys belonging to five of the validators, which was enough to steal the cryptoassets."

But after successfully infiltrating Ronin's systems through the fake job ad, the hackers had control of just four out of the nine validators -- meaning they needed another in order to take control.

In its post-mortem, Sky Mavis revealed that the hackers managed to use the Axie DAO (Decentralized Autonomous Organization) -- a group set up to support the gaming ecosystem -- to complete the heist. Sky Mavis had asked the DAO for help dealing with a heavy transaction load in November 2021.

"The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allowlist access was not revoked," said Sky Mavis in the blog post. "Once the attacker got access to Sky Mavis systems they were able to get the signature from the Axie DAO validator."
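The threshold and allowlist failure described above can be checked for mechanically. The following is an added example, not code from The Block, Sky Mavis or Elliptic: it audits a signer inventory for custody domains whose compromise alone reaches the approval threshold, and for delegations that outlived their intended end. Only the 5-of-9 threshold and the four-plus-one split come from the article; validator ids, operator names and dates are constructed.

```python
from datetime import date

THRESHOLD = 5  # approvals needed to move funds (5 of 9, per the Elliptic quote)

# Constructed inventory: validator id -> operator holding its key.
# Operator names and ids are hypothetical; only the 4 + 1 split is from the article.
VALIDATORS = {f"v{i}": "sky-mavis" for i in range(1, 5)}
VALIDATORS.update({"v5": "axie-dao", "v6": "op-a", "v7": "op-b", "v8": "op-c", "v9": "op-d"})

# Signing delegations: (validator, delegate, intended end, revoked). Date is illustrative.
DELEGATIONS = [("v5", "sky-mavis", date(2021, 12, 31), False)]


def effective_power(validators, delegations):
    """Map each custody domain to the validators it can cause to sign."""
    power = {}
    for v, op in validators.items():
        power.setdefault(op, set()).add(v)
    for v, delegate, _end, revoked in delegations:
        if not revoked:  # access persists until revoked, whatever the intended end
            power.setdefault(delegate, set()).add(v)
    return power


def stale_delegations(delegations, today):
    """Delegations past their intended end that were never revoked."""
    return [(v, d) for v, d, end, revoked in delegations if not revoked and end < today]


def min_domains_to_threshold(power, threshold):
    """Greedy upper bound on how few domains must fall to reach the threshold."""
    covered, picked = set(), []
    remaining = dict(power)
    while len(covered) < threshold and remaining:
        best = max(sorted(remaining), key=lambda d: len(remaining[d] - covered))
        if not remaining[best] - covered:
            break
        covered |= remaining.pop(best)
        picked.append(best)
    return picked if len(covered) >= threshold else None
```

A result of a single domain from `min_domains_to_threshold` means one compromised organisation is enough to approve a withdrawal; revoking the stale delegation raises that to two in this constructed layout.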
A month after the hack, Sky Mavis had increased the number of its validator nodes to 11, and said in the blog post that its long-term goal was to have more than 100.

Sky Mavis declined to comment on how the hack was carried out when reached. LinkedIn didn't respond to multiple requests for comment.

Earlier today, ESET Research published an investigation showing that North Korea's Lazarus had abused LinkedIn and WhatsApp by posing as recruiters to target aerospace and defense contractors. But the report did not tie that technique to the Sky Mavis hack.

Sky Mavis raised $150 million in a round led by Binance in early April. The proceeds will be used alongside the company's own funds to reimburse users affected by the exploit. The company said recently that it would begin returning funds to users on June 28. After coming to a sudden halt at the time of the hack, Ronin's Ethereum bridge also relaunched last week.

The rate of DeFi hacks has accelerated rapidly this year, topping $2 billion in total funds lost, according to The Block Research data. On January 1, the number stood at $760 million.

(c) 2022 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Ryan is The Block's deals editor. Before joining he worked at Financial News, and has also written for the likes of Wired, Sifted and AltFi.