A Fake Job Offer Reportedly Led to Axie Infinity’s $600M Hack
Last August, play-to-earn game Axie Infinity was on top of the world. The Pokemon-inspired game was generating developer Sky Mavis over $15 million in revenue each day, and some players in Southeast Asia were earning enough cryptocurrency to live off.
Fast forward 11 months: The price of Axie NFTs and the game’s Smooth Love Potion cryptocurrency have crashed. There are many reasons why, but one of the most important is a hack that took place in March.
A hacker managed to exploit the Ronin blockchain that Axie Infinity uses to steal $620 million worth of crypto. Sky Mavis previously said it was achieved through a phishing scheme, and the US government said Lazarus, a North Korea-backed outfit, was behind the heist.
A report from The Block on Wednesday revealed that the hack was socially engineered via a fake job offer.
A senior Sky Mavis engineer was approached by “recruiters” on LinkedIn who hoped to sign him to their company, reports The Block, citing sources familiar with the matter. The recruiting process involved several interviews and ended with a job offer, sent via PDF. The company, however, didn’t exist, and the PDF was laced with spyware.
Ronin is a Proof-of-Authority blockchain, which means control over the network is given to hand-picked validators. At the time of the hack, Axie Infinity had nine validators. For a bad actor to take control of Ronin, they needed to take control of five of those nine validators. For a bad actor to take complete control of the bitcoin blockchain, which uses Proof-of-Work, they would need 51% of the electrical power utilized by every bitcoin miner in the world. While bitcoin is designed to be secure at all costs, Ronin’s sole purpose was to provide cheap, quick transactions for Axie Infinity players.
Axie Infinity sees players battle and breed Axie monsters, which are owned as NFTs. At its peak, bottom-tier Axies were selling for over $300 each. They now earn far less — with Axies often selling for under $10.
The spyware encased in that PDF, reports The Block, allowed the hacker to control four of Ronin’s nine validators. Hackers then got access to community-run Axie DAO, which had access to one more validator. Once they controlled the network, hackers drained Axie Infinity’s treasury of $25 million in the USDC stablecoin and 173,600 ether. After ether’s dramatic price drop, the total steal is now worth $229 million.
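A five-of-nine threshold only helps if the nine keys sit with independent custodians. The Python script below is an added example, not code from the article or from Sky Mavis: it counts how many separate organisations must be compromised before five validator keys are reachable. The operator-* names and the access link from Sky Mavis to Axie DAO are modelling assumptions.

```python
from itertools import combinations

def keys_reached(footholds, custody, access):
    """Validator keys usable after compromising `footholds`, following access links."""
    seen, stack = set(), list(footholds)
    while stack:
        org = stack.pop()
        if org not in seen:
            seen.add(org)
            stack.extend(access.get(org, ()))
    return sum(custody.get(org, 0) for org in seen)

def min_footholds(custody, access, threshold):
    """Smallest set of organisations whose compromise yields >= threshold keys."""
    orgs = sorted(custody)
    for size in range(1, len(orgs) + 1):
        for combo in combinations(orgs, size):
            if keys_reached(combo, custody, access) >= threshold:
                return combo
    return None

THRESHOLD = 5  # five of nine validators, as stated in the article

# Custody at the time of the hack. The four "operator-*" names are constructed
# placeholders: the article does not say who ran the remaining validators.
ronin_march = {"sky-mavis": 4, "axie-dao": 1,
               "operator-a": 1, "operator-b": 1, "operator-c": 1, "operator-d": 1}

# Modelling assumption: a foothold inside Sky Mavis also reaches the Axie DAO key.
access_march = {"sky-mavis": ["axie-dao"]}

# Constructed contrast: nine keys, nine independent custodians, no access links.
spread = {f"operator-{i}": 1 for i in range(1, 10)}

def audit():
    return {
        "march_linked": min_footholds(ronin_march, access_march, THRESHOLD),
        "march_unlinked": min_footholds(ronin_march, {}, THRESHOLD),
        "spread": min_footholds(spread, {}, THRESHOLD),
    }

if __name__ == "__main__":
    for name, combo in audit().items():
        print(f"{name}: {len(combo)} organisation(s) -> {combo}")
```

Under these assumptions one organisation is enough when the access link exists, two when it does not, and five when every key has its own custodian.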
Sky Mavis was contacted for comment but didn’t immediately respond. In an April post-mortem, the Axie team wrote: “Sky Mavis employees are under constant advanced spear-phishing attacks on various social channels and one employee was compromised. This employee no longer works at Sky Mavis. The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes.”
Since the hack, Sky Mavis has attempted to make amends with Axie players. Following a $150 million funding round in April, Sky Mavis is reimbursing players who lost crypto in the hack. To boost confidence, Ronin now has 11 validators rather than nine.