Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security

Hackers Steal $600M From Play-to-Earn Game Axie Infinity's Ronin Network (vice.com) 38

A cryptocurrency affiliated with the popular free-to-play blockchain game Axie Infinity has been hacked in one of the largest crypto heists in history. From a report: The Ronin network is a blockchain launched in February 2021 to make interacting with the Ethereum-based Axie Infinity a little less costly. Whereas doing anything at all on Ethereum costs fees, Ronin allows 100 free transactions per day, per user. Axie Infinity is popular in the Philippines, for example, where users work playing the game in exchange for tokens, often on behalf of individuals or firms that may employ dozens or hundreds of so-called "scholars."

In a blog post published on Tuesday, Ronin revealed it had fallen victim to a security breach that has drained half a billion dollars in crypto. Hackers were able to exploit the Ronin bridge and make off with 173,600 ETH (worth about $591,242,019) and $25.5 million worth of the stablecoin USDC in two separate transactions by taking over the blockchain's validator nodes. Validator nodes verify and approve transactions in Ronin's Proof-of-Authority (PoA) model, which differs from the decentralized mining and approval process employed by Bitcoin. Ronin has nine validator nodes, five of which were needed to approve any particular deposit or withdrawal. According to the blog, the hackers "used hacked private keys in order to forge fake withdrawals." The attackers found a backdoor in the gas-free RPC node run by Sky Mavis -- the company that owns Axie Infinity -- allowing them to gain control over a validator node linked to the Axie DAO after it helped Sky Mavis distribute free transactions in November 2021 during an overload of users, according to the Ronin blog post. With Axie DAO's validator node and the four controlled by Sky Mavis, the attackers were able to approve the two transactions.

This discussion has been archived. No new comments can be posted.

Hackers Steal $600M From Play-to-Earn Game Axie Infinity's Ronin Network

Comments Filter:
  • It would be a small blessing if this kills this particular Ponzi.

  • I hope it brings it down. "Play-to-earn" is the most dystopian effed up thing I've heard about cryptocurrencies thus far.

    • "Play-to-earn" is the most dystopian effed up thing I've heard about cryptocurrencies thus far.

      Oh believe me, there will be plenty more "hold my beer" moments coming. That's what happens when greed goes open source.

      1. Fork Bitcoin
      2. ???
      3. Profit!

    • It likely will, at least for the Axie Infinity "economy".

      This isn’t likely to be the last of Sky Mavis’ woes. For the past few months, Axie Infinity has been struggling as its tokens and NFTs have fallen dramatically in price, strangling the in-game economy and forcing drastic changes in a desperate bid to prevent a collapse [coindesk.com].

      • So they were having money problems and color me shocked they had a fire, I mean robbery. Tragic when accidents happen. /s
    • I guess I don't understand. Any in-game currency is "play to earn." Making it convertible to real-world currency changes everything, but how is it accomplished? Who is paying real money (or crypto) into the system and for what?
  • Whereas doing anything at all on Ethereum costs fees

    Funny thing about Ethereum is that these fees are designed to go *poof*. All of the apps and such built on top of the Ethereum network (including those beloved NFTs) are just a glorified scheme to pump the currency for HODLers, by reducing the number of coins in circulation. The entire thing is just "Pyramid Scheme 2.0 - now with blackjack and hookers!" for the folks who missed the Bitcoin boat.

    On top of all that, Ethereum's distributed platform implementation is such a confusing mess that I'm not surpris

    • That's a complete distortion. No hookers are involved.

      • That's a complete distortion. No hookers are involved.

        or blackjack. or coke.

        The whole thing is a complete waste.

    • All of the apps and such built on top of the Ethereum network (including those beloved NFTs) are just a glorified scheme to pump the currency for HODLers, by reducing the number of coins in circulation

      I can see why they would want to do that, but unless the payments for NFTs are sent to a burner wallet, they wouldn't seem to inherently be a burning scheme. Am I missing something?

      • I can see why they would want to do that, but unless the payments for NFTs are sent to a burner wallet, they wouldn't seem to inherently be a burning scheme. Am I missing something?

        The transaction fees on the Ethereum network are burned by design. Any interaction with the blockchain requires payment of transaction fees, including minting an NFT. The whole thing is just one big scheme to pump the value of coins that are being held.

        It's basically like someone took Bitcoin and decided it needed to be more evil.

  • So nothing of value was lost?

    Meh...
  • This is good for Bitcoin.

    • This is good for Bitcoin.

      Bitcoin started with somewhat noble intentions and greed turned into the mess it is today. Ethereum was designed to make the developers and early investors filthy rich. Pick your poison, I suppose.

  • If all crypto transactions take place in the open, how on earth do you spend stolen cryptocurrency?
  • Good thing I got that crypto insurance its really going to save my Axie...

  • When a bank mucks up or it learns that a transaction is fraudulent it typically will reverse the transaction. Thieves love Crypto because transactions never get reversed and AFAIK you can't just reverse one or two transactions. Or if they can reverse transactions then why aren't they in cases like this?

    • by gweihir ( 88907 )

      Also, when a bank fucks up it has to prove it was a really unlikely accident or really unexpected criminal action by a single employee, or otherwise it loses its license and, in extreme cases, people may go to prison. Hence banks are careful. Also, banks have internal and external revisors that make very sure things are done sensibly, because they could be the ones ending up getting penalized if they reported everything is fine when it is not. Oh, and the reports by both internal and external revision go to

  • No surprise value at this time, really.

Genius is ten percent inspiration and fifty percent capital gains.

Working...