Cyber actors hacked the Ronin network used for the Axie Infinity blockchain-based game, stealing more than $620 million in cryptocurrency in what would be the largest ever cryptocurrency heist to date.
The security breach, which took place on March 23, affected Ronin Network validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie DAO.
“We discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions,” the company wrote in a blog post.
The Ronin chain consists of 9 different validator nodes in total and five are needed for any deposit or withdrawal. Four Sky Mavis validators and 1 Axie DAO and a third-party validator run by Axie DAO were compromised in the attack.
“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge,” the company explained.
Due to the security breach, the Ronin Network halted the Ronin bridge and Katana Dex. The company is now working with law enforcement officials, forensic cryptographers, and investors to make sure all funds are recovered or reimbursed.
