Hackers were able to carry out an attack on the Ronin sidechain thanks to spyware in a PDF document that one of the employees downloaded from a letter with a job offer from a non-existent company. This is reported by The Block with reference to informed sources.
According to them, employees of Sky Mavis, which develops the Axie Infinity blockchain game, were sent offers from a fake company via LinkedIn.
One of the engineers responded to the vacancy. After a series of interviews, he was sent a letter with an “offer” in the form of a PDF document. The latter contained malware that penetrated the Ronin network.
Subsequently, hackers were able to take control of 4 out of 9 validators. They got access to the fifth through Axie DAO.
Recall that the Ronin sidechain involved in Axie Infinity was attacked in March. The attackers withdrew crypto assets with a total value of about $625 million. The hack was the largest in the history of the DeFi segment.
Later, the project team reported that hackers used social engineering to gain unauthorized access to assets.
In June, the developers restarted the Ronin sidechain and reimbursed users for the funds they lost as a result of the March hack.
Read more about Ronin and its restart in the ForkLog cards.