Axie Infinity. Playback/Substack
The Ronin Network confirmed that “The Lazarus Group” was responsible for the multimillion-dollar hack and promised that user funds are “in the process of being restored.”
Following the theft of $620 million from the Ronin Network, an Ethereum sidechain linked to the game Axie Infinity, by North Korean hackers, developers have implemented enhanced security measures to prevent further attacks in the future.
The project revealed that the cyberattack happened on March 23 and was identified on March 29 by the Sky Mavis team, the company behind the Axie Infinity project. “We did not have an adequate tracking system to monitor major bridge exits, which is why the breach was not discovered immediately,” the entity explained about the delay.
As we explained earlier on Cointimes, the hackers gained control of five of the validator’s nine private keys – 4 Sky Mavis validators and 1 Axie DAO – and stole 173,600 ETH and 25.5 million USDC. The criminals drained the cryptocurrency in two transactions, and the total amount at the time of the attack was about US$620 million.
Ronin Network disclosed that hackers managed to gain control by compromising a Sky Mavis employee. Upon discovering the person’s connection to the incident, the organization fired this staff member.
At the time of the hack, Sky Mavis controlled 4 of the 9 validators, which would not be enough to forge loot. The validator key scheme is based on decentralization and constrains an attack vector. However, the offenders found a “back door through the gasless RPC node, which they abused to obtain the signature of the Axie DAO validator”.
Improving security and relaunch of the Ronin Network
The company has pledged to join forces with leading security experts, including CrowdStrike and Polaris Infosec, to prevent these attacks from happening again. It has also collaborated with other companies that must ensure that hackers cannot breach the network’s defense.
Sky Mavis has increased the number of validating nodes on the Ronin Network – from nine to eleven. In the next three months, the organization plans to increase that number to 21, “with the long-term goal of having more than 100.”
The project also wants stricter internal procedures and plans to roll out more training for its employees, preparing them to be ready should a similar case happen again.
“Ronin is now the gold standard when it comes to security. All code is being fully reviewed and optimized, with security experts reviewing the entire architecture.”
Ronin Network agreed with the FBI’s accusation that North Korea’s top cybercrime gang – “The Lazarus Group” – carried out the attack. The hackers have been described as an “extremely resourceful and sophisticated” team involved in many similar attacks in recent months. In addition, Ronin thanked the US authorities for their help and for identifying the attackers.
The Ronin Network bridge intends to open by the end of Aprilbut it will take the deadline until the end of May. Meanwhile, the world’s largest cryptocurrency exchange – Binance – will support the network for wETH and USDC withdrawals and deposits for Axie Infinity users:
“We initially hoped to be able to deploy the update by the end of April, but this is not a process we can afford to rush. The bridge will secure billions of dollars in assets and it needs to be done right. If all goes as planned, the bridge will reopen in mid/late May.”
Buy Bitcoin on Coinext
Buy Bitcoin and other cryptocurrencies on the safest exchange in Brazil. Sign up and see how simple it is, go to: https://coinext.com.br