Axie Infinity is the most recent crypto attach. The online game where users battle NFT critters to earn crypto—suffered the largest hack of digital funds to date. One of the biggest success stories in crypto is now responsible for one of the biggest thefts in the history of the technology. The gaming-focused blockchain Ronin Network announced that an Axie Infinity exploit allowed a hacker to “drain” roughly $600 million worth of cryptocurrency from the network.
What Happened: The hack took roughly $617 million worth of ether and USDC from the Ronin Network—a “layer 2” solution (layer 1 being the Ethereum blockchain) that conducts crypto transactions for Axie Infinity. Ronin is off-chain and its transactions are faster, cheaper, and less energy-intensive than on-chain ones. The downside is Ronin is less secure than the blockchain it supports. According to Ronin, “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”
This is why hackers were able to take control of enough of the “nodes” that greenlight transactions on Ronin to funnel money into their own ethereum wallet. According to a post from Ronin yesterday, most of the stolen funds are still sitting in that wallet, and Ronin is working 25/7 with regulators to get them back!
In Conclusion: This hack eclipses the theft of $611 million from decentralized finance (DeFi) platform Poly Network that occurred in August. Blockchain technology’s big promises is enhanced security, but so far its track record isn’t looking so good.
Ronin has locked down accounts while it continues its investigation into the hack. This means no one can get their funds out even as the price of RON, the network’s native token, has reportedly plummeted more than 25%.
Don’t get hacked! Let Reis Informatica help you stay proactive when it comes to your cybersecurity. Contact us today to get started.