An anonymous hacker has managed to compromise Ronin, a blockchain behind hit NFT game Axie Infinity, and steal around $625 million. It is likely the biggest hack in cryptocurrency history.
Vietnam-based company Sky Mavis reported the hack yesterday, saying that it discovered the attack on March 23.
- The attacker stole 173,600 Ethereum worth around $600 million and 25.5 million USDC, draining the funds from Ronin Network in two transactions.
- Ronin is a blockchain that consists of nine validator nodes. It requires five validator signatures to recognize the withdrawal. So the hacker compromised the network, getting access to Sky Mavis’ four validators and obtained one third-party validator run by community-owned validator Axie DAO.
- According to the Axie Infinity maker, traces of this attack go back to November 2021 when the company asked Axie DAO to help it distribute free transactions “due to immense user load.”
- Sky Mavis is now taking steps to monitor the stolen funds and prevent future attacks. This includes working with security teams and government agencies to bring the hacker to justice.
- The company also temporarily closed Ronin Network and will increase the number of required nodes to eight in the future.
- According to Sky Mavis, NFTs and in-game cryptocurrencies haven’t been compromised. It is now working with Axie Infinity stakeholders to ensure that no user funds are lost.
This hack is probably the largest in the history of decentralized finance networks (via Comparitech). It is followed by attacks on Poly Network ($610 million), Coincheck ($532 million), MT Gox ($470 million), and Wormhole ($326 million).