Axie Infinity Will Return the Funds Lost in the Network Hack

The Axie Infinity team is working tirelessly round the clock to ensure that the stolen funds worth about 615 million dollars stolen in the Ronin network hack are reimbursed to its users. 

Ronin Network Security Breach -Axie DAO compromise

Yesterday, Blockchain Journal reported the security breach that took place on the Ronin Network. It was discovered that there had been a compromise between Sky Mavis and Axie DAO validate nodes which resulted in the loss of 176,000 Ethereum and 25.5 million USDC, all amounting to approximately 615 million dollars in crypto. 

Axie Infinity is an online video game that is based on Non-fungible tokens. It is developed by Sky Mavis, a Vietnamese developer. The game is run on the Ronin network Blockchain which is built specifically for the game. Ronin uses a proof-of-stake mechanism to reach a consensus on its network. It consists of nine validator nodes on the network, needing at least five nodes to approve an event of deposit or withdrawal.

Ronin experienced a breach when the attacker was able to get control of four validator nodes and one third-party validator run by Axie DAO. 

The Ronin team stated technically that the attack dates back to November 2021 when Sky Mavis requested help from Axie DAO to resolve user transaction issues.

“This traces back to November 2021 when Sky Mavis requested help from the Axie DAO to distribute free transactions due to an immense user load. The Axie DAO allowlisted Sky Mavis to sign various transactions on its behalf. This was discontinued in December 2021, but the allowlist access was not revoked.”

The Co-Founder/COO of Axie Infinity and Sky Mavis, Alexander Leonard wrote a thread on Twitter where he publicly apologized to the Axie gaming community and confirmed that the breach was a social engineering attack combined with a human error from December 2021.

2/4

This was a social engineering attack combined with a human error from December 2021. @SkyMavisHQ tech is solid and we will be adding several new validators to @Ronin_Network shortly to further decentralize the network.

— Psycheout – Aleksander | Axie Infinity (@Psycheout86) March 30, 2022

He assured the community that he has been working closely and tirelessly for the past 36 hours with the Sky Mavis board and key cybersecurity personnel to get a complete overview of the situation. 

“Been an intense 36 hours. Been working with the Sky Mavis board and key cybersecurity personnel to get a complete overview of the situation. Our internal network is currently going through a deep forensics review to ensure there is no lingering threat”

-Alexander Leonard, COO of Sky Mavis 

To those who lost funds due to the hack, he affirmed that all lost funds will be recovered and reimbursed. 

Ronin network updated their community alert document saying that they have involved Chainalysis and Crowdstrike to track the funds, handle forensics, and set up surveillance tools.