Contact Person : wei
Phone Number : 0086 15123100414
WhatsApp : +8615123100414
March 30, 2022
Ronin, the underlying blockchain for the popular NFT game Axie Infinity, and Axie Infinity operator Sky Mavis announced in a blog post Tuesday morning that they had suffered a hack that used the network to sack an estimated $625 million (173,600 ether and ETH). 25.5 million USDC). This figure surpasses the $611 million hack of DeFi protocol Poly Network in August 2021.
The incident was discovered on Tuesday after a user was unable to withdraw 5,000 ether. But the attack occurred on March 23, when attackers used hacked private keys to forge fake withdrawals, and other key validating nodes were also attacked, the blog post said.
Cryptocurrency holders often don’t operate in just one blockchain ecosystem, so developers build cross-chain bridges that allow users to send cryptocurrencies from one chain to another. In this case, Ronin is the bridge connecting Axie Infinity to other blockchains such as Ethereum.
Using the bridge, players can deposit Ethereum or USDC into Ronin and use it to buy non-fungible tokens (NFTs) or in-game currency. They can then sell their in-game assets and withdraw funds.
Analysts at Blockchain Intelligence Group say that the stolen funds are moving. To date, nearly $17 million in ethereum funds have been moved to exchanges including FTX and Huobi, the company said.
Ronin said users of the platform have lost access to their funds and is working with relevant government agencies to ensure criminals are brought to justice, and it is also in discussions with Axie Infinity on how to keep users’ funds safe. And cooperated with the blockchain tracker Chainalysis to track the stolen funds, and most of the stolen funds are still in the hacker's digital wallet.
Ronin was developed by Singapore-based game studio Sky Mavis, which also owns Axie Infinity.
According to Sky Mavis, Ronin was attacked in part because the company took shortcuts in November to ease the "huge user load" of the network, which saw a surge in popularity after last January, and is very popular in the Philippines and other countries. Players are popular and even rely on it as a full-time job. The system was discontinued in December, but the permissions that allowed it to be used were never revoked.
In addition to attacking four of Sky Mavis' own nodes, the attackers used these nodes to gain access to a node managed by the Axie DAO, which it owns. After compromising five of the nine validator nodes, attackers can compromise the security of any transaction and withdraw any funds they want.
Sky Mavis said they will increase the number of nodes required for transactions to 8, once it is determined that no more funds are available,
It will reopen Ronin "at a later date."
"As we have seen, Ronin is not immune to cyberattacks, and this attack reinforces the importance of prioritizing security, remaining vigilant, and mitigating all threats," the company said in the statement. "We know that trust needs to be earned. , we are deploying the most sophisticated security measures and processes with every available resource to prevent future attacks."
Source: Lei Feng Network
Enter Your Message