Axie Infinity's Ronin Lost $600 Million Worth of Cryptocurrency to Hackers
Hackers stole about $600 Million USD worth of cryptocurrency from a blockchain network called Ronin which supports one of the biggest Non-Fungible Token (NFT) games, Axie Infinity. According to the official discord of Axie Inifnity, the breach happened on 23rd March but was only recently discovered by Sky Mavis. Ronin has halted activities on networks that allow asset conversions in Axie Infinity as well as currency conversion between Etherium and Ronin blockchains. The developers are currently investigating the issue and are looking to make sure all funds stolen shall be recovered or reimbursed. This incident is considered one of the biggest crypto heists in history.
Ronin Network breached by hackers
The gaming-focused blockchain network, announced in a blog post that a hacker was able to exploit its system and make fake withdrawals. This resulted in the network losing 173,600 Ethereum and 25.5 million United States Dollar Coin (USDC).
“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge.”
According to the blog post, Ronin uses “9 validator nodes” to prevent fraudulent transactions and protect its users. However, due to an overwhelming amount of new players investing in Axie Infinity last year, Ronin gave special privileges to Sky Mavis, the developer behind the popular NFT game, so it could simply sign transactions on its behalf. When the system was back to its usual traffic, this special privilege was not revoked, allowing hackers to exploit it.
“This traces back to November 2021 when Sky Mavis requested help from the Axie Decentralized Autonomous Organization (DAO) to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allowlist access was not revoked. “
The developers added that they are taking actions to resolve the issue as soon as possible and monitor the stolen funds. Sky Mavis is also working with government agencies to track down the hackers and bring them to justice.
For now, players will not be able to withdraw or deposit funds to the Ronin Network until the issue has been resolved. Sky Mavis assured players that it will make sure that all of the stolen funds are recovered or reimbursed.
Subscribe to AFK Gaming's Newsletter
Get a weekly recap of all the latest developments in the global esports industry with our esports business insights newsletter:
Subscribe for free to receive insights, analysis, and opinions on the biggest developments in the esports business, provided by our team of experienced journalists in collaboration with thought leaders across the industry.