May 27, 2022

News Collective


They stole over 620 million in an attack on Ronin, the blockchain network used by Axie Infinity.

The attack on the network used by the game Axie Infinity is one of the largest in the history of the crypto ecosystem.

Ronin is an ETH side-chain created by Sky Mavis: an independent blockchain network that is compatible with Ethereum and enables interoperability between the two networks. Last Tuesday the company disclosed that it had experienced a security incident that resulted in the theft of over $600 million in Ethereum (173,600 ETH) and $25.5 million in USDC stablecoin.

It is worth noting that this network was created specifically for the popular “Play to Earn” video game Axie Infinity, which rewards players with crypto assets that can be bought and sold and allows participants to earn money.

In the statement, Ronin explained that the incident occurred on March 23 and that it was discovered that the Sky Mavis Ronin and Axie DAO validation nodes, which are used to verify deposits and withdrawals, had been compromised. This allowed the cybercriminals responsible for the attack to sign transactions with the stolen private keys of those validation nodes and to extract funds from the network in two transactions.

To validate a transaction on the Ronin network, whether it is a deposit or a withdrawal, nine validation nodes are used and at least five of their signatures are required, which is what the attacker obtained on this occasion.

Apparently, the origin of the problem that allowed the attackers to extract this money goes back to November 2021, when Sky Mavis requested the help of Axie DAO, which enabled Sky Mavis to sign several transactions on its behalf in order to cope with the growing number of transactions. Although this was no longer required in December, the permission granted by Axie DAO was not revoked, and this gave the attacker access to the validation signatures.
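The five-of-nine rule only protects funds if no single party can produce five signatures. The following is an added illustration, not code from Sky Mavis or from the original article: a small audit that flags signing grants left active past their need date and operators that alone reach the threshold. The validator-to-operator split, the validator and operator names, and the exact days in the dates are constructed assumptions; only the threshold and the November grant and December end of need come from the text.

```python
from collections import defaultdict
from datetime import date

THRESHOLD = 5  # signatures required out of nine validators (from the article)

# Constructed inventory (assumption): validator id -> operator holding its key.
VALIDATORS = {
    "v1": "SkyMavis", "v2": "SkyMavis", "v3": "SkyMavis", "v4": "SkyMavis",
    "v5": "AxieDAO", "v6": "OpC", "v7": "OpD", "v8": "OpE", "v9": "OpF",
}

# Constructed grant records (assumption):
# (validator, delegate, granted_on, needed_until, revoked_on or None)
GRANTS = [("v5", "SkyMavis", date(2021, 11, 1), date(2021, 12, 1), None)]


def signing_reach(validators, grants, today):
    """Return operator -> set of validators whose signature it can produce today."""
    reach = defaultdict(set)
    for validator, operator in validators.items():
        reach[operator].add(validator)
    for validator, delegate, granted_on, _needed_until, revoked_on in grants:
        if granted_on <= today and (revoked_on is None or today < revoked_on):
            reach[delegate].add(validator)  # a grant extends the delegate's reach
    return reach


def audit(validators, grants, today, threshold=THRESHOLD):
    """Flag grants past their need date and operators that alone meet the threshold."""
    findings = []
    for validator, delegate, _granted_on, needed_until, revoked_on in grants:
        if revoked_on is None and today > needed_until:
            findings.append(("stale-grant", validator, delegate))
    for operator, reachable in signing_reach(validators, grants, today).items():
        if len(reachable) >= threshold:
            findings.append(("single-operator-quorum", operator, len(reachable)))
    return sorted(findings, key=lambda f: f[:2])


if __name__ == "__main__":
    for finding in audit(VALIDATORS, GRANTS, date(2022, 3, 23)):
        print(finding)
```

Run against the constructed data for March 23, 2022, the audit reports both the stale grant and the operator whose compromise alone would satisfy the threshold; with the grant revoked in December it reports nothing.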


At the moment, the company is investigating what happened and trying to trace the stolen funds, which are mostly still in the attacker’s wallet, and stated that it is committed to guaranteeing the recovery or compensation of the stolen funds. Yesterday, the company said it was certain this was an external incident and that the evidence it had so far indicated that this attack was based more on social engineering than on exploiting a technical vulnerability.

This incident is the second largest crypto-related incident, after the attack on the Poly Network platform, in which an anonymous actor stole more than $600 million in crypto assets.

Other more recent cases were the theft of $150 million in various tokens from the BitMart exchange and the attack on the Wormhole platform, in which the attackers exploited a vulnerability that allowed them to steal 120,000 ETH.

Cybercriminals’ interest in cryptocurrencies will continue to grow as more followers join these projects and the value of these assets continues to rise. ESET researchers recently discovered a new scam scheme in which attackers distribute cryptocurrency wallet apps that impersonate legitimate wallet apps and steal their users' seed phrases.