Axie Infinity's Ronin network hit with $620M cryptocurrency theft

Axie Infinity's Ronin network hit with $620M cryptocurrency theft

Cyber actors hacked the Ronin network used for the Axie Infinity blockchain-based game, stealing more than $620 million in cryptocurrency in what would be the largest ever cryptocurrency heist to date.

The security breach, which took place on March 23, affected Ronin Network validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie DAO.

“We discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions,” the company wrote in a blog post.

The Ronin chain consists of 9 different validator nodes in total and five are needed for any deposit or withdrawal. Four Sky Mavis validators and 1 Axie DAO and a third-party validator run by Axie DAO were compromised in the attack.

“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge,” the company explained.

Due to the security breach, the Ronin Network halted the Ronin bridge and Katana Dex. The company is now working with law enforcement officials, forensic cryptographers, and investors to make sure all funds are recovered or reimbursed.


Back to the list

Latest Posts

Cyber Security Week in Review: April 25, 2025

Cyber Security Week in Review: April 25, 2025

In brief: A SAP NetWeaver zero-day bug exploited in the wild, DslogdRAT exploits a recent Ivanti flaw, and more.
25 April 2025
ToyMaker: Financially-motivated IAB that sells access to ransomware gangs

ToyMaker: Financially-motivated IAB that sells access to ransomware gangs

ToyMaker is believed to be behind the custom backdoor dubbed ‘LAGTOY.’
24 April 2025
DragonForce and Anubis ransomware ops use novel models to attract affiliates and boost profits

DragonForce and Anubis ransomware ops use novel models to attract affiliates and boost profits

DragonForce introduced a distributed affiliate branding model.
23 April 2025