Threatpost reports that North Korean APT hackers were able to steal $540 million from blockchain gaming platform Axie Infinity in a spear-phishing attack after gaining access to the private keys of most of the platform's nine validator nodes.
Four of the nodes compromised by the attackers were owned by the Ronin Network, where Axie operates, while Axie DAO owns the fifth, The Block noted. While the use of relatively few validators is common in Axie and other permissioned chains, the problem lay in the concentration of the validators in a single repository, according to Kudelski Security Vice President of Innovation Ryan Spanier.
"The validators were not well distributed between independent organizations, which means the attacker only truly had to compromise one organization. Essentially, they had a decentralized blockchain model but were vulnerable to a centralized threat vector," Spanier added.
Meanwhile, Cofense Director of Threat Intelligence Mollie MacDougall said that the Axie hack should prompt the adoption of effective phishing defense programs in blockchain platforms.
Check Point researchers have discovered ten malicious Python Package Index packages that deploy info-stealers, enabling the exfiltration of personal credentials and private data from software developers, reports The Hacker News.
Bitter APT has been leveraging a trojanized iteration of the Signal messaging app to deploy the Android spyware Dracarys in cyberespionage campaigns against individuals in India, New Zealand, Pakistan, and the U.K., BleepingComputer reports.