30 March 2022

Axie Infinity's Ronin network hit with $620M cryptocurrency theft


Axie Infinity's Ronin network hit with $620M cryptocurrency theft

Cyber actors hacked the Ronin network used for the Axie Infinity blockchain-based game, stealing more than $620 million in cryptocurrency in what would be the largest ever cryptocurrency heist to date.

The security breach, which took place on March 23, affected Ronin Network validator nodes for Sky Mavis, the publishers of the popular Axie Infinity game, and the Axie DAO.

“We discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions,” the company wrote in a blog post.

The Ronin chain consists of 9 different validator nodes in total and five are needed for any deposit or withdrawal. Four Sky Mavis validators and 1 Axie DAO and a third-party validator run by Axie DAO were compromised in the attack.

“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge,” the company explained.

Due to the security breach, the Ronin Network halted the Ronin bridge and Katana Dex. The company is now working with law enforcement officials, forensic cryptographers, and investors to make sure all funds are recovered or reimbursed.


Back to the list

Latest Posts

Cyber security week in review: September 23, 2022

Cyber security week in review: September 23, 2022

The world in brief: Cryptomarket maker Wintermute robbed of $160M in a hack, old Python bug potentially affects 350,000 open-source projects, and more.
23 September 2022
Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

The vulnerable Python tarfile module is found extensively in frameworks created by Netflix, AWS, Intel, Facebook, Google and other software.
22 September 2022
Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

The researchers said they discovered three variants of malicious scripts hidden within GTM containers that function either as e-skimmers or as downloaders for installing e-skimmers.
21 September 2022