Hackers stole about $US600 million ($799 million) from a blockchain network connected to the popular Axie Infinity online game in one of the biggest crypto attacks to date.
Computers known as nodes operated by Axie Infinity maker Sky Mavis and the Axie DAO that support a so-called bridge — software that lets people convert tokens into ones that can be used on another network — were attacked, with the hacker draining what’s known as the Ronin Bridge of 173,600 Ether and 25.5 million USDC tokens in two transactions. The breach happened on March 23, but was only discovered Tuesday, according to Ronin, the blockchain that supports Axie Infinity.
The hacker drained what’s known as the Ronin Bridge of 173,600 Ether and 25.5 million USDC tokens in two transactions.Credit:Bloomberg
The company behind the popular crypto game said it will reimburse online participants.
“We are fully committed to reimbursing our players as soon as possible,” Aleksander Leonard Larsen, chief operating officer of the gaming studio Sky Mavis, said via text message. “We’re still working on a solution, that is an ongoing discussion.”
The attack is the latest to show that bridges are often rife with problems. The computer code of many isn’t audited, allowing for hackers to exploit vulnerabilities. It’s often unclear who runs them and exactly how. Identities of validators, who are supposed to order transactions on bridges, are often shrouded in mystery. And yet there are thousands of bridges out there, and they move hundreds of million of dollars worth of crypto.
Loading
“The fact that nobody notices for six days screams aloud that some structure should be in place to watch illicit transfers,” said Wilfred Daye, head of Securitize Capital, the asset-management arm of Securitize.
The Ronin heist underscores the security concerns that plague the wider market for decentralised-finance, or DeFi, protocols. Some $US2.3 billion was stolen from DeFi platforms in 2021, a jump of 1,330 per cent from the year before, according to a tweet from blockchain research firm Chainalysis on Wednesday.
The price of Ron, a token used on the Ronin blockchain, dropped about 22 per cent after the hack was disclosed. AXS, a token used in Axie Infinity, fell as much as 11 per cent before recouping some losses, according to CoinMarketCap.
