November 29, 2022
Axie Infinity's Ronin sidechain was struck by a cyberattack that inflicted losses of more than $600 million in crypto, designers revealed yesterday.Hackers leveraged an exploit versus the blockchain network, which supports the popular play-to-earn( P2E)game Axie Infinity, on March 23 but developers just discovered the attack on March 29. The wrongdoers stole 173,600 ETH(roughly$590 millionat…

Axie Infinity’s Ronin sidechain was struck by a cyberattack that inflicted losses of more than $600 million in crypto, designers revealed yesterday.Hackers leveraged an exploit versus the blockchain network, which supports the popular play-to-earn( P2E)game Axie Infinity, on March 23 but developers just discovered the attack on March 29. The wrongdoers stole 173,600 ETH(roughly$590 million

at today time)and 25.5 million worth of the USDC stable coin by attacking Ronin validators. The destructive cyberattack jeopardized 5 out of 9 validator nodes. Blockchain validators are network nodes in charge of maintaining the blockchain’s stability by processing and validating deal blocks.”Sky Mavis’Ronin chain presently consists of 9 validator nodes.

In order to acknowledge a Deposit occasion or a Withdrawal event, 5 out of the nine validator signatures are required, “a Ronin blog post discusses.”The opponent managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO.”” The validator key scheme is established to be decentralized so that it limits an attack vector, comparable to this one, however the enemy found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator,” the post continues.The team is taking actions to ward off future attacks and “increased the validator threshold from 5 to 8 “to reduce more short-term damage. Developers also said they’re moving nodes to a separate infrastructure, temporarily stopped briefly the Ronin bridge and the Katana DEX(decentralized exchange), and are working with Chainalysis to keep an eye on stolen funds.According to Ronin’s blog post, the majority of the stolen funds are still in the hacker’s wallet.

Ronin stated it’s collaborating directly with various government companies to bring the wrongdoers to justice. Source