Tech

A hacker steals almost 560 million euros in cryptocurrencies in the Axie Infinity game network

Around $625 million worth of cryptocurrency was stolen from Ronin, the blockchain that powers popular cryptocurrency game Axie Infinity. The Ronin network is used as a bridge between gaming and blockchains, basically to transfer cryptocurrencies in and out of the game.

axie infinity
Credit: Axie Infinity

Taking advantage of vulnerabilities in the Ronin sidechain implementation, a hacker walked away with around 173,600 ETH (worth $594.6 million) and US$25.5 million, more than 650 million euros in total. The security flaw has been confirmed by Axie Infinity’s official Discord and Twitter accounts, as well as the Ronin Network, which powers the game.

What is Axie Infinity?

Axie Infinity is a cryptocurrency game that feels like a cross between a Tamagotchi game and a Pokémon title. It is a ” universe of digital pets where players fight, raise and trade fantastic creatures called Axies », creatures that actually happen to be NFTs. However, getting started is neither easy nor cheap, and the initial investment is much higher than for a classic PlayStation or Xbox game, since it takes pay to be able to start playing and create your team of NFT monsters.

The advantage, however, is that you own your Axie NFTs and can resell them, and his ” play-to-earn rewards you with crypto tokens that can be exchanged for cash. Interest in this type of game should be growing among gamers over the next few years. Whether it’s capturing Bitcoins like in Pokemon Go or using virtual currencies to spend within the game, like in Axie Infinity, the principle is as innovative as it is popular. According to the creator of Reddit, 90% of gamers will soon turn to games like Axie Infinity to earn cryptocurrency.

Axie Infinity
Credit: Axie Infinity

Axie uses Ronin, a “sidechain” designed specifically for the game, which allows users toaccess the Ethereum blockchain without paying the usual transaction fees. For those who don’t know, a sidechain, as defined by HackerNoon, is ” a separate blockchain that is attached to its parent blockchain using a two-way link [qui] allows the interchangeability of assets at a predetermined rate between the parent blockchain and the sidechain “.

How did the attack on the Axie Infinity network unfold?

The Axie hack appears to be one of the largest DeFi hacks to date. Other hackers managed to steal $320 million from the Wormhole Bridge in February and more than $600 million from the Poly network last year. However, unlike previous DeFi attacks, the Ronin hack does not appear to be related to any smart contract, meaning there was not necessarily a bug in the code. In effect, the person who stole these funds took a more traditional approach instead stealing cryptographic keys from Axie Infinity developer Sky Mavis and ” a third-party validator managed by Axie DAO “.

As the Ronin developers have stated, the attacker used hacked private keys to make fake withdrawals, draining funds from the Ronin Bridge in just two transactions. Basically, Ronin’s “sidechain” for games like Axie Infinity uses ” 9 validator nodes to prevent fraudulent transactions. However, in November, due to overwhelming demand from new Axie players, Ronin granted special privileges to Sky Mavis, the company behind the game, to sign transactions on its behalf.

More importantly, the hack took place on March 23, but was only discovered on Tuesday after a user discovered issues after failing to withdraw 5,000 ETH from the Ronin Bridge. Following the flight, RON, Ronin’s main governance token, fell nearly 20% to $1.88. ” Sky Mavis is committed to ensuring that all funds drained are recovered or refunded ,” the company wrote in its blog post. The problem is that the company does not seem to have the resources to reimburse the victims on its own. We will therefore have to wait before knowing how the company will be able to manage this crisis and the frustration of the players.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *