The Ronin network has been hit, according to Sky Mavis, the makers of the blockchain NFT game Axie Infinity, and a hacker has managed to drain 173,600 ethereum and 25.5 million USD coin (USDC). The Ronin bridge and Katana Dex have been suspended, and the attacker has obtained around $620 million in crypto assets.
Axie Infinity, the world’s largest NFT blockchain game, has been hacked for $620 million
Axie Infinity, the world’s largest non-fungible token (NFT) blockchain game, was hacked on Tuesday after the Ronin network validators were infiltrated. The validators were compromised as early as March 23, according to Sky Mavis, the business behind the Axie Infinity project.
Sky Mavis detected the assault after a user complained that they couldn’t withdraw 5,000 ether on the Ronin bridge.
According to Sky Mavis’ post-mortem statement, “the attacker utilised compromised private keys to fabricate false withdrawals.” “We are working with law enforcement agencies, forensic cryptographers, and our investors to ensure all monies are recovered or repaid,” Sky Mavis said, adding that the Ronin bridge and Katana Dex have been halted. Right now, all of the AXS, RON, and SLP on Ronin are safe.”
The researchers went on to say that Ronin is managed by nine validator nodes, and that five of them are required to process a transaction.
“The attacker gained control of Sky Mavis’ four Ronin Validators as well as a third-party validator operated by Axie DAO,” Sky Mavis added. “The validator key scheme is designed to be decentralised to reduce attack vectors like this one, however the attacker discovered a backdoor through our gas-free RPC node, which they exploited to obtain the signature for the Axie DAO validator.”
Worse, Sky Mavis observes that the attacker got away with it because of a patch made in November 2021, and the “Axie DAO allowlisted” technique was stopped the following month.
The team noted that the “allowlist access was not revoked,” and that “after the attacker obtained access to Sky Mavis systems, they were able to get the signature from the Axie DAO validator by using the gas-free RPC.” Sky Mavis continued her post-mortem:
We’ve verified that the signatures in the fraudulent withdrawals match the signatures of the five suspect validators.
The attack on Ronin topped the attack on the Wormhole Bridge as one of the largest hacks on a crypto protocol this year. The attack on the Wormhole bridge resulted in a $320 million loss, however Jump Crypto was able to replenish the cash. On Tuesday, Sky Mavis emphasised that the team is collaborating with law enforcement to “guarantee the offenders are brought to justice.”
Furthermore, the team is in the midst of meeting with stakeholders and considering how to ensure that users get reimbursed. “Sky Mavis is here to stay and will continue to grow,” the team writes in their postmortem.
Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.