news Axie Infinity was hacked - with over $600 million worth of assets stolen

[kyoukage01 3181]

On March 23, attackers were assumed to have managed to hack into the Ronin Network, the software Axie Infinity players use to store and receive their crypto and tokens. A total of $625 miliion of assets was reported to have been stolen from the network. This exploit was said to have gone unnoticed until a player reported that he can't transfer his own funds, which prompted an investigation that led to the discovery.

 

Details of the hack has been available on the news only yesterday. One such article was posted on this link:

Spoiler

Hackers steal over $600 million from video game Axie Infinity's Ronin network

By Jennifer Korn

 

New York (CNN Business)The latest crypto hack has targeted a gaming-focused blockchain network that supports the popular video game Axie Infinity. Hackers made off with about $625 million worth of Ethereum and USDC, two cryptocurrencies, in one of the largest crypto hacks of all time.

 

The hackers breached the Ronin Network, an independent and Ethereum-compatible blockchain developed by Axie Infinity publisher Sky Mavis. Axie Infinity co-founder Jeff Zirlin discussed the hack on stage during a keynote address at the NFT LA conference.

 

"We realized the Ronin network has been exploited for 173,000 [Ethereum] and around 25 million dollars in USDC," Zirlin said, under a screen with the words "State of the NFT Union: Where we are today and what's next." USDC is a so-called stablecoin whose value is pegged to the US dollar.

 

"It is one of the bigger hacks in history," he added, while vowing to continue building. "We believe in a future of the internet that is open and owned by the users."

Last year, an anonymous hacker stole roughly $600 million in cryptocurrency from Poly Network, a decentralized finance network, in what was called the largest crypto heist in history. The hacker later gave it back.

 

John Reed Stark, a former chief of the Security and Exchange Commission's Office of Internet Enforcement, told CNN the latest hack "is a sobering reminder of just how vulnerable Web3 marketplaces are to cyber attacks." (Web3 refers to the idea of a decentralized internet powered by the blockchain, the technology that underpins various cryptocurrencies.)

 

"The entire web3 marketplace is so fraught with chaos and lawlessness, we may never learn the truth about what happened," said Stark. "And unlike U.S. financial firms who must report cyber-attacks fairly, accurately, promptly, etc., NFT and other Web3 marketplaces do not have to report anything at all."

 

Axie Infinity is a successful web3 game in which players use NFT digital pets, called Axies, to interact with the game's community. Players can use their Axies to battle other players and to breed new Axies. In 2021, the game's creator raised $152 million in Series B funding led by famed VC fund Andreessen Horowitz.

 

According to a blog posted to the Ronin network's official Substack on Tuesday, the system has halted activity on networks that allow players to convert assets in the Axie Infinity universe and to convert currency between the Ethereum and Ronin blockchains. Players who keep digital funds on the Ronin network are currently unable to make transactions.

 

Beginning on March 23, attackers compromised private keys used to validate transactions on the network, according to the company blog post. These keys allowed the malicious actors to forge fake withdrawals. The activity went unnoticed until a user was unable to withdraw funds and filed a report.

The network pledged to "ensure no users' funds are lost," according to the blog post. Most of the stolen funds currently remain in the hacker's crypto wallet, the company said.

 

"We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed," the network tweeted.

At the NFT LA conference, some attendees just learning about the hack were unperturbed by the news.

 

"I don't think the coin is going down too bad," said Justin Seeley, who owns Axie Infinity NFTs and tokens, said, referring to Axie Infinity's Ronin token that was had plummeted 20% on the news of the hack.

 

"Twenty percent ... that's not too bad. Other projects would be down way worse," added Ben Wright, who also says he is invested in Axie.

 

"We're in crypto; 20% is nothing," said Seeley.

 

Other NFT play-to-earn (P2E) games at the conference were surprised to learn the news

 

"Axie got hacked!" two workers told each other in disbelief at a booth for Polker, a P2E poker game.

 

"It worries me, but I like it," said Conor Thacker, Polker's managing director. "The more exploits that happen now, the less will happen in the future."

 

CNN's Jon Sarlin contributed to this report.

source: https://edition.cnn.com/2022/03/29/tech/axie-infinity-ronin-hack/index.html

 

With a haul of $625 million, this hack can be considered as one of, if not THE, worst cybertheft on the crypto online gaming world. A lax security issue to ease network traffic was blamed for what happened. Current and future crypto games must now take steps to ensure that they won't become next in line.

 

The hacker's wallet has been traced and found that most of the stolen funds is still being kept there, so there is still hope for it to be recovered. In the meantime, affected players are advised to post any transaction issues they might have to the company's support team.

 

Edited March 31, 2022 by kyoukage01

[kyoukage01 3181]

UPDATE: The culprit behind the hack has allegedly been pointed out to 'Lazarus', a hacking group that has relations to North Korea.

 

The wallet containing the stolen funds has also been pinpointed, labeled, and sanctioned, Some of the stolen funds has already been laundered, but the rest is now under close monitoring. Any wallets and/or exchanges willing to make transactions with this wallet address may face "punishments".

 

It remains to be seen whether or not the funds inside the wallet will be recovered and returned to their rightful owners.

 

Details on the news can be found here:

https://www.coindesk.com/policy/2022/04/14/us-officials-tie-north-korean-hacker-group-to-axies-ronin-exploit/

 

[Maaz sultan 265]

On 4/15/2022 at 6:35 AM, kyoukage01 said:

UPDATE: The culprit behind the hack has allegedly been pointed out to 'Lazarus', a hacking group that has relations to North Korea.

 

The wallet containing the stolen funds has also been pinpointed, labeled, and sanctioned, Some of the stolen funds has already been laundered, but the rest is now under close monitoring. Any wallets and/or exchanges willing to make transactions with this wallet address may face "punishments".

 

It remains to be seen whether or not the funds inside the wallet will be recovered and returned to their rightful owners.

 

Details on the news can be found here:

https://www.coindesk.com/policy/2022/04/14/us-officials-tie-north-korean-hacker-group-to-axies-ronin-exploit/

 

Thanks for the update in my crypto jurney I have seen many crypto hacks and many scam projects which lead to a final decision that is " if your funds is not in your wallet it's not yours " 

And careful keep your phrases and passwords away from internet because believe me you don't know hackers they breach every security on which you trust .