The biggest hack in DeFi history: $625 million in cryptocurrency stolen from blockchain company Ronin

Ronin is the underlying blockchain of the popular NFT game Axie Infinity. Ronin and “Axie Infinity” operator Sky Mavis announced on the morning of March 29 that they were hacked and looted about $625 million (173,600 ether and 25.5 million). USDC). This figure surpasses the $611 million stolen from DeFi protocol Poly Network in August 2021.

The cause of the incident on the 29th was that a user was unable to withdraw 5,000 ether, but the attack occurred on the 23rd. The hacker used the hacked private key to forge fake withdrawals. The blog article stated that other key verification nodes were also attacked.

Cryptocurrency holders often operate in more than one blockchain ecosystem, so developers build cross-chain bridges that allow users to send cryptocurrencies from one chain to another. In this case, the Ronin bridge connects Axie Infinity to other blockchains such as Ethereum. Using this bridge, players can deposit Ethereum or USDC into Ronin and buy NFTs or in-game currency, then sell in-game assets and withdraw funds.

Analysts at Blockchain Intelligence Group say that the stolen funds are moving. Nearly $17 million of ethereum funds have been transferred to exchanges such as FTX and Huobi to date. Ronin said that platform users have lost access to funds and is working with government agencies to ensure criminals are brought to justice. He also discussed with Axie Infinity on how to keep user funds safe and partnered with blockchain tracker Chainalysis to track stolen funds , most of the stolen funds are still hacking digital wallets.

Ronin is the developer of Singapore-based game studio Sky Mavis and the owner of Axie Infinity.

According to Sky Mavis, Ronin was attacked in part because he took shortcuts in November to alleviate the “huge user load” of “Axie Infinity”. The game exploded in popularity in January last year, and was very popular with Filipino and other Southeast Asian players, and even made money from it. The system was discontinued last December, but permission permissions were never revoked.

In addition to attacking four of Sky Mavis’ own nodes, the hackers also used these nodes to access a node managed by Axie DAO. After compromising five of the nine validator nodes, hackers can compromise the security of any transaction and withdraw any funds. Sky Mavis said it will increase the number of trading nodes to eight, and will reopen Ronin “at a later date” once it is determined that no more funds are available.

“As we have seen, Ronin is not immune to cyber-attacks, and this attack reinforces the importance of prioritizing security, remaining vigilant, and mitigating all threats,” the statement said. Deploy the most sophisticated security measures and processes to prevent future attacks.”

How hot are cryptocurrencies: 1 billion more people will hold them by 2022

Bitcoin, Ether, NFT, how popular are these cryptocurrencies? Statistics show that by the end of 2022, the number of cryptocurrency holders worldwide is estimated to reach 1 billion.

✔️ Top 25 NFT Marketplace Development Company in USA, UK, India 2022

According to Crypto.com, 1 billion people will be holding cryptocurrencies by the end of 2022, and in 2021 alone, the number of cryptocurrency holders increased 178%, officially surpassing 200 million last year and reaching 295 million in December.

While that sounds a long way from a billion, the report notes that governments around the world can no longer ignore cryptocurrencies, driven by Bitcoin. Some have chosen to adopt Bitcoin, some have chosen to tighten regulations and supervision, and some have banned Bitcoin but started issuing their own digital currencies.

Crypto.com Suspends Withdrawals After 'Unauthorized Activity' - Bloomberg

While there are few cases where countries like El Salvador have invested in crypto, more and more banks and financial institutions are adopting it, some opening it up to general depositors, while others are using it as a settlement method to reduce cross-country and cross-bank processing fees and time costs.

Although cryptocurrencies are highly volatile and full of grey areas that are difficult to regulate, they have been regarded as high-risk investments, but through the joint participation of the government and banks, it is expected that more and more people will be exposed to cryptocurrencies in different ways, not necessarily the “speculation, danger, hype, and fraud” that they are now perceived to be.

When you buy a favorite artist’s peripheral or a football team’s souvenir, you usually don’t think about how much money you can make by reselling it in the future, and that is what NFT is meant to be.

US regulators signal bigger role in cryptocurrencies market | Financial  Times

The “true” value of an NFT, like a gemstone, a fine bag or a vintage red wine, is entirely up to the buyer.

Either way, it’s almost certain that cryptocurrencies will only become more widely available and more widely held. Are you ready to join the 1 billion people this year?

Email Threat Risk Level High 82% of Enterprises Have Been Phishing Attacks in the Past Six Months

For the sake of employee health, many companies have switched to work from home (WFH) mode again. The most important thing to pay attention to when working from home is network security. Cybersecurity and innovative technology company Green Radar today (19th) released the “Email Threat Index for the Fourth Quarter of 2021”. The risk of email threats facing businesses remains at a high level and continues to rise, while the recently hotly debated non-fungible tokens (NFTs) have also been targeted by hackers.

Work From Home In Bengaluru: Bengaluru Tech Firms Go Back To WFH Amid Covid  Surge

The report pointed out that the email threat index in the fourth quarter of 2021 showed a score of 65.9, and the second and third quarters were 63 and 64.6 respectively, reflecting that the risk of email threats faced by enterprises remained at a high level and continued to rise. Among them, commercial email fraud attacks increased by 36.2% over the previous quarter.

Green Radar Email Security Monitoring Center statistics show that the three most frequently impersonated brands are DHL, Microsoft and LinkedIn, the same as last season, with Amazon in fourth place. The fifth-ranked WeTransfer is on the list for the first time. It is reported that WeTransfer is mainly used to transfer sensitive and large-capacity files. While bringing convenience to users, there are also major privacy issues. It is also easy to cause user privacy due to operational problems. Documents were leaked.

DHL國際快遞續購8 架波音777 貨機強化全球航運網絡| DHL | Taiwan 台灣

The report also discloses 10 commonly used software for hackers, the first is HEUR:Exploit.OLE2; the second is HEUR:Trojan-PSW.MSIL.Agensla, which ranked tenth last year; Trojan.HTML.Agent rose from seventh place to third place. Related software is popular with hackers, and the public needs to be more careful.

Detours to reduce vigilance, steal 900,000 in 4 minutes

In addition, the NFT craze continues unabated, amid concerns over the security risks of cryptocurrency wallets. In the NFT-related cases detected by Green Radar, users who click on the link in the email will be taken to the official Twitter website, and then the link in the Twitter post will be directed to the phishing website designed by hackers, reflecting that the current phishing method is more roundabout , in an attempt to ease the user’s vigilance.

周杰倫NFT已割一波韭菜Phanta Bear暴跌平均蝕近10萬元附新手揀NFT 5大指南|吸錢怪物| 投資| 經濟一週

Hackers usually use this method to bypass the first-layer gateway (Email Gateway) detection. After gaining basic trust from users, they require them to enter an unnecessary recovery phrase when logging into the wallet. These 12 mnemonics are the key to protecting encrypted wallets. As long as hackers use these English words, they can be converted into private keys (such as the user’s password) to control the account. According to the data, some users lost all assets in their wallets in just 4 minutes, totaling 900,000.

The imitation Shopify website is 90% exquisite

At the same time, according to Green Radar SOC data, phishing is still the most common attack method. In the past six months, 82% of enterprises have suffered phishing attacks. This quarter, they prefer to use spear phishing to target enterprises.

Shopify and JD tie-up to help U.S. merchants sell in China

Hackers will target specific groups, carefully crafting persuasive e-mail content, and attaching infected files or links to the e-mail. Once opened, hackers can take advantage. According to the case provided by SOC, the website imitating Shopify is almost as beautiful as Shopify. 90%, users should pay close attention.