Axie Infinity was hacked through a fake offer on LinkedIn

Details of the legendary Axie Infinity hack have come to light. The report shows that they are not only the record-breakers in terms of hacking losses but also pretty unlucky.

How did Axie Infinity get hacked?

One of the senior engineers at Sky Mavis (Axie Infinity’s leading game developer) received a new job offer he couldn’t refuse. This attempt to improve his life led to considerable problems in the form of the Ronin bridge hack and the theft of crypto-assets worth hundreds of millions of USD.
The hackers created an offer for a position at a non-existent company and posted it on the social network LinkedIn. By responding to it, the employee mentioned above fell into the trap, downloading an infected file and unwittingly installing spyware on his computer.
“The prelude” included several stages of an interview during which the engineer proved his professional qualifications. This was probably the reason why after receiving an invitation to a position with extremely generous compensation, he actually stopped to think.
After an investigation and disclosure of the precedent, the discredited engineer was fired from Sky Mavis. Now he will probably shift to working as a property manager, since such a fiasco will surely ruin his track record forever, despite all the delicate confidentiality shown.

What happened to Axie Infinity money?

The problem with the Ronin sidechain bridge, used by Axie Infinity players to interact with the Ethereum blockchain, lies in the minimal number of validators (at the moment of the hack, the protocol required only 9). The consent of 5 out of 9 nodes was sufficient to sign transactions.
Thus, by gaining control of a relatively small number of nodes, attackers could access the permissions of validator nodes and thereby allow invalid transactions to be confirmed.
That’s precisely what happened. Fraudsters used stolen crypto keys and carried away $625 million, making it one of the biggest cases in the history of decentralized finance.

Actions that have been taken

The weak point (apart from the human factor, of course) was the “proof of authority” system, which allowed the validation process to be usurped by a single person.
The obvious solution was to increase the number of validators, which would reduce the risk of hacks and their consequences. Therefore, just a month after the attack, Sky Mavis raised the number of nodes to 11, and the long-term goal was to exceed the 100-node threshold.
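The 5-of-9 threshold and the move to more validators, as an added example that is not part of the original article or Sky Mavis code: a small audit that counts how many independent key custodians must be compromised to reach the signing threshold. The custody maps, the custodian names and the 6-of-11 threshold are constructed assumptions; the article gives only the 5-of-9 figure and the increase to 11 nodes.

```python
from collections import Counter

def min_custodians_for_quorum(custody, threshold):
    """Return the smallest set of key custodians whose compromise yields
    `threshold` validator signatures. `custody` maps validator -> custodian."""
    keys_per_custodian = Counter(custody.values())
    signatures, compromised = 0, []
    # Greedy is optimal: custodians holding the most keys are counted first,
    # which reaches the threshold with the fewest compromises.
    for custodian, keys in keys_per_custodian.most_common():
        if signatures >= threshold:
            break
        signatures += keys
        compromised.append(custodian)
    if signatures < threshold:
        raise ValueError("threshold exceeds the number of validator keys")
    return compromised

# Constructed custody maps (NOT the real Ronin key distribution).
# Nine validators, each key held by a different operator.
INDEPENDENT_9 = {f"validator-{i}": f"operator-{i}" for i in range(1, 10)}

# Same nine validators, but two hypothetical organisations hold 3 and 2 keys.
CONCENTRATED_9 = dict(INDEPENDENT_9)
CONCENTRATED_9.update({
    "validator-1": "org-a", "validator-2": "org-a", "validator-3": "org-a",
    "validator-4": "org-b", "validator-5": "org-b",
})

# Eleven validators with the same concentration; two new independent operators.
CONCENTRATED_11 = dict(CONCENTRATED_9)
CONCENTRATED_11.update({"validator-10": "operator-10",
                        "validator-11": "operator-11"})

def report(name, custody, threshold):
    needed = min_custodians_for_quorum(custody, threshold)
    return (f"{name}: {threshold}-of-{len(custody)} signatures, "
            f"{len(needed)} custodian(s) to compromise: {', '.join(needed)}")

if __name__ == "__main__":
    print(report("independent keys", INDEPENDENT_9, 5))
    print(report("concentrated keys", CONCENTRATED_9, 5))
    # Assumed simple-majority threshold; the article does not state it.
    print(report("11 nodes, concentrated", CONCENTRATED_11, 6))
```

The nominal threshold is an upper bound only: when several validator keys sit with one custodian, the number of independent compromises needed drops below it, and adding validators helps only as far as the new keys are held separately.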