Cybercriminals attacked the video game Axie Infinity and stole USD 625 million in cryptocurrencies, as confirmed by the directors of the game company.
The incident happened last Wednesday: the attackers infiltrated part of Ronin, the underlying blockchain that powers the game.
In a press release, Ronin reported that on March 23 the Sky Mavis Ronin validator nodes and Axie DAO validator nodes were compromised, which resulted in a significant loss of funds.
The company learned of the vulnerability just a few hours ago, after a user reported that he was unable to withdraw 5,000 ether using the chain bridge.
“Most of the hacked funds are still in the hacker’s wallet,” the organization explained in the publication in which it disclosed this incident.
The company is still investigating the attack, but warned that the cybercriminals obtained private keys to withdraw digital funds.
As they explained, the cryptocurrencies were withdrawn from the Ronin bridge in two transactions. The attacker used stolen private keys to spoof the withdrawals.
The validator key scheme is set up to be decentralized so that it limits an attack vector like this, but the attacker found a backdoor through our gas-free RPC node, which they abused to obtain the signature of the Axie DAO validator, according to details from the company.
“We know trust must be earned and we are using all the resources at our disposal to implement the most sophisticated security measures and processes to prevent future attacks,” the company said.
And they added: “We are working with court officials, forensic cryptographers, and our investors to ensure that user funds are not lost.”
What's the game about
In Axie Infinity, players participate in battles and receive rewards that can be exchanged for crypto or cash.
To play you must buy at least three Axies, which are NFTs (non-fungible tokens) stored on a blockchain.
Whoever owns Axies can buy, sell or rent them to other players. Owners can also “breed” them to create new Axies with more value.
The game has been the subject of controversy in the past over the money it requires you to fork out to play. As a result of these complaints, the company launched a scholarship program that links regular players who lack enough money with other users who have the funds but do not have enough skill or time to dedicate to the game. In this way they manage to increase participation in the game.
Actions the company took after learning of this incident:
1. “We moved quickly to address the incident once it became known and we are actively taking steps to protect ourselves against future attacks.” Also, to prevent further short-term damage, they increased the validator threshold from five to eight.
2. The company is in contact with security teams on major crypto exchanges.
3. The nodes are being migrated to infrastructure that is completely separate from the old infrastructure.
4. They temporarily stopped the Ronin Bridge to ensure that no further attack vectors are left open. Binance also disabled its bridge to and from Ronin to add another layer of security. The bridge will reopen later.
5. They are working with Chainalysis to monitor stolen funds.
6. The company is already in contact with various government agencies to ensure that the criminals behind this attack are identified.