Axie Infinity Network Hit by $551.8M Exploit


Share this article

The Ronin bridge and Katana exchange have been halted following the incident. 

Axie Infinity Network Suffers Vulnerability

Axie Infinity’s Ronin Network has been hit by a major security breach. 

Track live crypto price of 10000+ coins!


The Ronin team confirmed the incident late Tuesday. A blog post revealed that its Ronin validator nodes and Axie DAO validator nodes were compromised on Mar. 23, resulting in losses of 173,600 Ethereum and 25.5 million USDC. Based on Ethereum market prices on Mar. 23, the losses amount to around $551.8 million. 

The blog post revealed that the hacker used hacked private keys so that they could forge withdrawals. Bizarrely, the compromise was only discovered today, six days after the attack, when someone reported that they had struggled to withdraw 5,000 Ethereum from the bridge. 

The Ronin chain uses just nine validator nodes (for context, Ethereum has around 300,000 validators, while Solana has closer to 1,000). To confirm a deposit or withdrawal, it requires five validator signatures. The hacker successfully drained the funds because they took control of four Ronin validators and another validator run by Axie DAO. The blog post said that although the validator key scheme it uses “is set up to be decentralized,” the attacker found a back door through a gas-free node that was set up amid soaring user demand. 

The Ronin team said that it had increased the minimum number of validator signatures required for a deposit or withdrawal to eight in response to the incident. It’s also migrating its nodes and temporarily paused the Ronin Bridge and Katana exchange. 

According to the blog post, this wallet containing 175,913 Ethereum holds the majority of the stolen funds. Ahead of the exploit, the same wallet interacted with Binance. That suggests that there may be a way of tracing the assailant. The Ronin team said that it was “working directly with various government agencies” and Chainalysis to track the hacker and the funds. 

Related:  ECB expresses concerns over 'interconnectedness' of crypto with financial institutions

This story is breaking and will be updated as more details emerge. 

Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies. 

Share this article


Download MAXBIT Android App, Your best source of all crypto news!

Google Play

Source link

Share this article: