HomeWinBuzzer NewsNFT Marketplace Loses $540 Million in Phishing Attack

NFT Marketplace Loses $540 Million in Phishing Attack

Axe Infinity, one of the largest NFT trading markets was successfully attacked in March and lost over $500 million.


NFTs are one of the hot topic tech issues of the moment and becoming popular despite being pointless (there, I said it). Like any tech that explodes in popularity, there are bad actors looking to exploit the NFT craze. For example, one threat actor has been able to use a successful phishing campaign to breach Axie Infinity, one of the largest traders of collectable non-fungible tokens (NFTs).

Axie Infinity hosts over 3 million traders of in-game NFTs and is one of the most popular of its kind. However, attackers were able to breach the system using a spear-phishing attack. A report from The Block says attackers – thought to be linked to North Korea – stole $540 million in cryptocurrency.

The attack happened on March 23rd when the group was able to take private keys associated with four validator nodes. Those were running on the Ronin Network, which is what Axie runs on.

Ronin has nine validators and the attackers took control of five, giving them majority control on the network. With that control, the threat actors could write checks for themselves. Being able to do that, they stop 25.5 million US coin and 173,600 Ethereum at a total of $540 million.

Recruitment Phishing Campaign

Access was possible by using a recruitment phishing scam that was able to trick senior officials into applying for jobs that didn't exist. According to The Block, his phishing campaign was successful, granting the attackers access.

“According to two people with direct knowledge of the matter, who were granted anonymity due to the sensitive nature of the incident, a senior engineer at Axie Infinity was duped into applying for a job at a company that, in reality, did not exist.

After what one source described as multiple rounds of interviews, a Sky Mavis engineer was offered a job with an extremely generous compensation package. 

The fake “offer” was delivered in the form of a PDF document, which the engineer downloaded — allowing spyware to infiltrate Ronin's systems. From there, were able to attack and take over four out of nine validators on the Ronin network — leaving them just one validator short of total control.”

Tip of the day: It's a good idea to backup your computer on a regular basis, and the most fool-proof way is to manually create a disk image and save it to an external hard drive.

SourceThe Block
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News