Axie Infinity Hacked, Over $600 Million In Losses

by Arjun Agarwal

The crypto community suffered yet another hack, as one of the biggest blockchain-based games was hacked for over $600 million worth of cryptocurrencies.

The hack happened on Axie Infinity’s Ronin Network, which was deployed to speed up Ethereum transactions. The game has a sidechain called Ronin to help reduce transaction fees, as Ethereum often gets congested with transactions, which drives up the cost per transaction.

The problems that come with the transaction fees limit the user experience on games such as Axie Infinity. One of the ways of mitigating transaction fees was the sidechain deployment, alongside a wallet and a corresponding bridge.

The hacking mechanism

The hack targeted the Ronin Bridge’s validation mechanism. The Bridge secures user funds with a set of 9 secret keys. However, if an illicit entity has access to at least 5 of those keys, it may use the network to unlock and release the funds. This is similar to a 51% attack, where hackers must gain access to 51% of the processing power in order to manipulate transactions.

The hacker, according to a report, found a flaw in the Ronin Bridge node and took control over 4 Ronin validators as well as a third-party validator run by the Axie DAO. The result – over 173,600 ETH tokens escaped from Axie’s vault.

Ronin’s answer

The Ronin network pushed out a public notice about the stolen funds 6 days after the hack, publishing a detailed post-mortem analysis of the situation. To enhance security, Ronin increased the validator threshold from five to eight. Despite making the confirmation process slower and more expensive, it is a necessary measure. Also, Ronin paused the Bridge to close any remaining attack vectors.
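The 5-of-9 key check described under "The hacking mechanism" and the raise from five to eight can be compared by counting how many independent operators must be compromised to meet each threshold. The sketch below is an added example, not Ronin's code; the validator names and the operators of the four validators not named in the article are constructed assumptions.

```python
from collections import Counter

# Constructed layout: the article only states that 4 Ronin validators and
# 1 Axie DAO validator were taken over. v6-v9 and their operators are assumed.
OPERATOR_OF = {
    "v1": "ronin", "v2": "ronin", "v3": "ronin", "v4": "ronin",
    "v5": "axie-dao",
    "v6": "op-c", "v7": "op-d", "v8": "op-e", "v9": "op-f",
}


def approves(signers, operator_of, threshold):
    """Key-count quorum: distinct known validators that signed >= threshold."""
    distinct = set(signers) & set(operator_of)
    return len(distinct) >= threshold


def min_operators_to_reach(threshold, operator_of):
    """Fewest operators whose combined keys meet the threshold.

    Taking operators with the most keys first is optimal, because only the
    number of keys per operator matters for a plain key count.
    """
    keys_per_operator = sorted(Counter(operator_of.values()).values(), reverse=True)
    total = 0
    for count, keys in enumerate(keys_per_operator, start=1):
        total += keys
        if total >= threshold:
            return count
    return None  # threshold is larger than the validator set


def audit(operator_of, thresholds=(5, 8)):
    """Map each threshold to the number of operators an attacker must control."""
    return {t: min_operators_to_reach(t, operator_of) for t in thresholds}


if __name__ == "__main__":
    taken = ["v1", "v2", "v3", "v4", "v5"]  # the five keys named in the article
    print("passes 5-of-9:", approves(taken, OPERATOR_OF, 5))
    print("passes 8-of-9:", approves(taken, OPERATOR_OF, 8))
    print("operators needed per threshold:", audit(OPERATOR_OF))
```

Under this assumed layout a key-count threshold of five is met by two operators, while a threshold of eight needs five, which is why concentration of keys under one operator matters as much as the threshold itself.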

The crypto community and the hack

The latest hack is a massive blow for the crypto industry and the NFT sector, and the crypto community was furious about Ronin’s 6-day delay in acknowledging any problems on its networks. Furthermore, crypto enthusiasts seem very wary of such attacks, since the Mt. Gox exchange hack did indeed crash the crypto market, bringing Bitcoin prices from a high of $1,000 to a low of $200 in the early days of Bitcoin, while many other hacks undermined trust in the sector.

However, the Mt. Gox hack happened in 2013, and the crypto industry has evolved rapidly in the past 10 years, with such cases becoming less and less evident.

The crypto market, on the other hand, has matured, as institutional investors are now joining the race. This makes crypto hackers more and more innovative in their hacks.

The fake wallet apps

Indeed, research by cybersecurity firm ESET has uncovered a “sophisticated scheme” that disseminates Trojan applications disguised as popular cryptocurrency wallets. It turns out the scheme imitates legitimate crypto wallets including MetaMask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken, and OneKey.

In the case of the Jaxx Liberty wallet alone, ESET discovered 13 malicious apps, available on the Google Play Store, that imitate the app.

Lukáš Štefanko, a researcher at ESET, emphasized that there were other threat vectors such as sending seed phrases to the attacker’s server using unsecured connections.

“Victims' funds could be stolen not only by the operator of this scheme but also by a different attacker eavesdropping on the same network,” Štefanko added.

Meanwhile, according to a report from Chainalysis, crypto-jacking accounted for 73% of the total value received by malware-related entities from 2017 to 2021.