Article 5XMR5 Hackers Steal $600M From Play-to-Earn Game Axie Infinity's Ronin Network

Hackers Steal $600M From Play-to-Earn Game Axie Infinity's Ronin Network

by
msmash
from Slashdot on (#5XMR5)
A cryptocurrency affiliated with the popular free-to-play blockchain game Axie Infinity has been hacked in one of the largest crypto heists in history. From a report: The Ronin network is a blockchain launched in February 2021 to make interacting with the Ethereum-based Axie Infinity a little less costly. Whereas doing anything at all on Ethereum costs fees, Ronin allows 100 free transactions per day, per user. Axie Infinity is popular in the Philippines, for example, where users work playing the game in exchange for tokens, often on behalf of individuals or firms that may employ dozens or hundreds of so-called "scholars." In a blog post published on Tuesday, Ronin revealed it had fallen victim to a security breach that has drained half a billion dollars in crypto. Hackers were able to exploit the Ronin bridge and make off with 173,600 ETH (worth about $591,242,019) and $25.5 million worth of the stablecoin USDC in two separate transactions by taking over the blockchain's validator nodes. Validator nodes verify and approve transactions in Ronin's Proof-of-Authority (PoA) model, which differs from the decentralized mining and approval process employed by Bitcoin. Ronin has nine validator nodes, five of which were needed to approve any particular deposit or withdrawal. According to the blog, the hackers "used hacked private keys in order to forge fake withdrawals." The attackers found a backdoor in the gas-free RPC node run by Sky Mavis -- the company that owns Axie Infinity -- allowing them to gain control over a validator node linked to the Axie DAO after it helped Sky Mavis distribute free transactions in November 2021 during an overload of users, according to the Ronin blog post. With Axie DAO's validator node and the four controlled by Sky Mavis, the attackers were able to approve the two transactions.

twitter_icon_large.pngfacebook_icon_large.png

Read more of this story at Slashdot.

External Content
Source RSS or Atom Feed
Feed Location https://rss.slashdot.org/Slashdot/slashdotMain
Feed Title Slashdot
Feed Link https://slashdot.org/
Feed Copyright Copyright Slashdot Media. All Rights Reserved.
Reply 0 comments