The biggest hack in DeFi history: $625 million in cryptocurrency stolen from blockchain company Ronin

Ronin is the underlying blockchain of the popular NFT game Axie Infinity. Ronin and “Axie Infinity” operator Sky Mavis announced on the morning of March 29 that they were hacked and looted about $625 million (173,600 ether and 25.5 million). USDC). This figure surpasses the $611 million stolen from DeFi protocol Poly Network in August 2021.

The cause of the incident on the 29th was that a user was unable to withdraw 5,000 ether, but the attack occurred on the 23rd. The hacker used the hacked private key to forge fake withdrawals. The blog article stated that other key verification nodes were also attacked.

Cryptocurrency holders often operate in more than one blockchain ecosystem, so developers build cross-chain bridges that allow users to send cryptocurrencies from one chain to another. In this case, the Ronin bridge connects Axie Infinity to other blockchains such as Ethereum. Using this bridge, players can deposit Ethereum or USDC into Ronin and buy NFTs or in-game currency, then sell in-game assets and withdraw funds.

Analysts at Blockchain Intelligence Group say that the stolen funds are moving. Nearly $17 million of ethereum funds have been transferred to exchanges such as FTX and Huobi to date. Ronin said that platform users have lost access to funds and is working with government agencies to ensure criminals are brought to justice. He also discussed with Axie Infinity on how to keep user funds safe and partnered with blockchain tracker Chainalysis to track stolen funds , most of the stolen funds are still hacking digital wallets.

Ronin is the developer of Singapore-based game studio Sky Mavis and the owner of Axie Infinity.

According to Sky Mavis, Ronin was attacked in part because he took shortcuts in November to alleviate the “huge user load” of “Axie Infinity”. The game exploded in popularity in January last year, and was very popular with Filipino and other Southeast Asian players, and even made money from it. The system was discontinued last December, but permission permissions were never revoked.

In addition to attacking four of Sky Mavis’ own nodes, the hackers also used these nodes to access a node managed by Axie DAO. After compromising five of the nine validator nodes, hackers can compromise the security of any transaction and withdraw any funds. Sky Mavis said it will increase the number of trading nodes to eight, and will reopen Ronin “at a later date” once it is determined that no more funds are available.

“As we have seen, Ronin is not immune to cyber-attacks, and this attack reinforces the importance of prioritizing security, remaining vigilant, and mitigating all threats,” the statement said. Deploy the most sophisticated security measures and processes to prevent future attacks.”