File-based cybersecurity breach leads to theft of $620 million in cryptocurrency

Aug 11, 2022 | Thought leadership

Axie Infinity – a blockchain-powered online game with over a million daily users worldwide – recently lost over $620 million in cryptocurrency following a security breach in which hackers used files infected with malware to gain access to the network of its publisher, Sky Mavis.

In a remarkable series of events, North Korean cyber criminals created fake job opportunities on LinkedIn to fool Sky Mavis staff, with one software engineer going through several bogus interviews in the belief they could land a new role with a very generous salary.

As part of the complex process, the candidate was sent a job offer by the hackers in a PDF file, but as explained in one media report, the document was “laced with spyware”. This allowed the hackers to initiate a chain of events that led to the theft of the cryptocurrency assets.

According to one new study, the Axie Infinity ‘heist’ jumps straight to the top of the chart as the biggest crypto theft reported worldwide to date. Over $2 billion in total has been stolen so far this year in 100+ reported incidents, rapidly closing in on the record totals seen last year.

The story highlights the complex risks faced by organizations today, which are subjected to highly sophisticated attacks. However, in many cases like this, the malware is deployed on the target network using the simplest technique – an infected file opened by an employee.

It also underlines an inherent vulnerability of today’s cybersecurity strategies: they rely on detection-based methods to prevent malware infections. Glasswall CDR technology instead offers proactive protection from file-based cybersecurity threats hidden within today’s most popular file formats. In contrast to detection-based security, such as antivirus and sandboxing, which must play catch up with new threats, Glasswall instantly cleans and rebuilds every file to match its ‘known good’ industry specification – automatically removing potential risks and closing the ‘protection gap’ that can be up to 18 days with detection-based methods.

