|
|
Game over: Sky Mavis, the cryptocurrency startup that operates one of the most popular blockchain-based online games, Axie Infinity, said yesterday hackers have stolen around $600 million worth of cryptocurrency after breaching the game's Ronin Network. Read the full story on Forbes.
Coining it in: The hack is one of the largest decentralized finance (DeFi) hacks on record, with attackers draining 173,600 ether and 25.5 million of the stablecoin USDC from various accounts. Embarrassingly, the security breach happened last week but wasn't discovered until yesterday, according to a blog post that outlined what's thought to have happened. "We are working with law enforcement officials, forensic cryptographers, and our investors to make sure all funds are recovered or reimbursed," Ronin developers wrote, adding, "all of the AXS, RON, and SLP on Ronin are safe right now" but "as of right now users are unable to withdraw or deposit funds to Ronin Network."
The weakest link: "The breach happened due to social engineering, not technical flaw," Aleksander Larsen, operating chief and co-founder of Sky Mavis, told the Wall Street Journal. The Ronin Network, a side chain of the ethereum blockchain, is used primarily as a payment rail for Axie Infinity, offering players cheaper transaction fees. The attack focused on the bridge to Ronin, which lets users convert tokens into ones that can be used on another network, with stolen private security keys used to access the network nodes that validate transfers to and from Ronin.
Follow the money: Developer Kelvin Fitcher tracked some of the stolen funds to accounts on the FTX crypto exchange. FTX chief executive Sam Bankman-Fried then posted to Twitter that his team is investigating.
Zoom out: Before Ronin, the largest hack of 2022 so far was the $325 million theft through a flaw in Wormhole, a cross-chain bridge that allows users to transfer assets between the ethereum and solana blockchains. Jump Trading, an early developer of the Wormhole bridge project, compensated investors for the stolen funds. Last year, a $600 million hack of blockchain-based platform Poly Network set the record for the largest DeFi hack, almost all of which was eventually recovered. Over the course of last year, attackers stole a total of $3.2 billion worth of cryptocurrency, according to a report from blockchain researchers Chainalysis.
Meanwhile... just a month after "rumors of an exploit," reports have again emerged that NFT trading platform Opensea could have another "fatal" flaw.
Now read this: A new world of currency disorder looms
|
|
|
|