It looks like a new record has been set in the field of cryptocurrency robberies.
Launched back in February 2021, the Ronin blockchain was meant to reduce the cost of interacting with the Ethereum-based Axie Infinity. While any action on Ethereum requires a hefty fee, Ronin allows each user to make 100 free transactions per day.
The Ronin blog posted this week that the project was the victim of a cyberattack in which unknown persons, with the help of just two transactions, stole about 600 million US dollars: 173,600 ETH (worth about 591,242,019 dollars) and the USDC stablecoin (worth $25.5 million).
The developers say that the attack occurred on March 23, 2022, but it was discovered only now, when users noticed that they could not withdraw funds. The attack included compromising the Sky Mavis Ronin validator nodes and the Axie DAO validator nodes, after which the attacker was able to use the Ronin bridge for his own purposes.
The Ronin sidechain has a total of nine validator nodes, and any deposit or withdrawal must be approved by five of them. The attack compromised four Sky Mavis validators and one Axie DAO validator.
The blog post states that the attackers discovered a backdoor in a gas-free RPC node operated by Sky Mavis, which allowed them to take control of the Axie DAO node. Back in November 2021, the developers of Axie DAO had allowed Sky Mavis to sign various transactions on their behalf in order to process a rapidly growing number of transactions. This practice was stopped in December, but “access to the white list was not revoked.”
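The 5-of-9 threshold and the leftover signing delegation described above can be checked with a small audit that counts how many validators each operator can effectively sign for. This is an added example, not code from Ronin or Sky Mavis; the validator ids, the "Operator B" to "Operator E" names, the exact dates, and the assumption that Sky Mavis runs exactly four validators are constructed for illustration.

```python
from collections import defaultdict
from datetime import date

THRESHOLD = 5  # approvals needed per deposit/withdrawal (5 of 9, per the article)

# Constructed inventory: validator id -> operator. "Operator B".."E" are placeholders.
VALIDATORS = {
    "val-1": "Sky Mavis", "val-2": "Sky Mavis", "val-3": "Sky Mavis", "val-4": "Sky Mavis",
    "val-5": "Axie DAO",
    "val-6": "Operator B", "val-7": "Operator C", "val-8": "Operator D", "val-9": "Operator E",
}

# Signing delegations: (grantor, grantee, granted_on, revoked_on or None).
# Day of month is constructed; the article only gives November 2021 and "not revoked".
DELEGATIONS = [("Axie DAO", "Sky Mavis", date(2021, 11, 1), None)]


def effective_control(validators, delegations, as_of):
    """Map each operator to the validator ids it can sign for on `as_of`."""
    control = defaultdict(set)
    for vid, operator in validators.items():
        control[operator].add(vid)
    for grantor, grantee, granted, revoked in delegations:
        in_force = granted <= as_of and (revoked is None or as_of < revoked)
        if in_force:
            # Direct delegation only: grantee can sign with the grantor's own validators.
            control[grantee] |= {v for v, op in validators.items() if op == grantor}
    return dict(control)


def single_party_quorum(validators, delegations, as_of, threshold=THRESHOLD):
    """Return operators whose compromise alone would yield a signing quorum."""
    control = effective_control(validators, delegations, as_of)
    return {op: len(vids) for op, vids in control.items() if len(vids) >= threshold}


if __name__ == "__main__":
    day = date(2022, 3, 23)
    print("stale delegation:", single_party_quorum(VALIDATORS, DELEGATIONS, day))
    revoked = [("Axie DAO", "Sky Mavis", date(2021, 11, 1), date(2021, 12, 31))]
    print("after revocation:", single_party_quorum(VALIDATORS, revoked, day))
```

With the delegation still in force, one operator reaches the threshold on its own; once the delegation carries a revocation date, no single operator does.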
Currently, Sky Mavis has temporarily shut down the Ronin cross-chain bridge, as well as its associated decentralized exchange, Katana DEX. The developers assure users that they have nothing to worry about, since RON and the in-game SLP and AXS tokens are safe on the Ronin sidechain.
Law enforcement agencies, as well as experts from Chainalysis and Crowdstrike, are already investigating what happened. The company says that the stolen funds are “still in the hacker’s wallet”, although users have already noticed that the attacker withdrew part of the funds to the Binance exchange.
As a reminder, we also reported that DDoS attacks on Ubisoft almost completely stopped after the company threatened a lawsuit, and that hackers influenced Valve’s online games using vulnerabilities in the Steam platform.