U.S. markets open in 4 hours 41 minutes

  • S&P Futures

    4,333.50
    +18.75 (+0.43%)
     

  • Dow Futures

    33,984.00
    +109.00 (+0.32%)
     

  • Nasdaq Futures

    14,784.25
    +69.25 (+0.47%)
     

  • Russell 2000 Futures

    1,787.20
    +9.30 (+0.52%)
     

  • Crude Oil

    91.32
    +0.93 (+1.03%)
     

  • Gold

    1,914.30
    -5.50 (-0.29%)
     

  • Silver

    23.05
    -0.15 (-0.65%)
     

  • EUR/USD

    1.0569
    -0.0007 (-0.06%)
     

  • 10-Yr Bond

    4.5580
    0.0000 (0.00%)
     

  • Vix

    18.06
    -0.88 (-4.65%)
     

  • GBP/USD

    1.2156
    -0.0002 (-0.01%)
     

  • USD/JPY

    149.0350
    +0.0360 (+0.02%)
     

  • Bitcoin USD

    26,239.76
    -36.81 (-0.14%)
     

  • CMC Crypto 200

    561.89
    -1.92 (-0.34%)
     

  • FTSE 100

    7,637.21
    +11.49 (+0.15%)
     

  • Nikkei 225

    32,371.90
    +56.85 (+0.18%)
     

Hackers just stole more than a half billion dollars from Axie Infinity’s Ronin Network in what could be the biggest crypto heist of all time

1
Taylor Locke
·2 min read
Courtesy of Axie Infinity

In what might be the biggest crypto hack to date, around $622 million has been stolen from a blockchain-based gaming network.

The Ronin Network, which powers the super popular Axie Infinity game, confirmed the security breach on Twitter today. According to the network’s Substack post, Ronin was exploited for 173,600 Ethereum and 25.5 million USDC.

https://twitter.com/Ronin_Network/status/1508828719711879168?s=20

“We are working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed,” the Ronin Network tweeted.

To approve any withdrawal or deposit, Ronin requires five of its nine validators to sign off on transactions to ensure funds are not moved by anyone with malicious intent. The attacker was able to control four Ronin validators and one validator linked to the Axie DAO–the decentralized autonomous organization associated with Axie Infinity.

The attacker used “hacked private keys,” or passwords, “in order to forge fake withdrawals,” according to Ronin’s Substack post.

Though the exploit was noticed just this morning after a user was unable to withdraw funds, it took place last Wednesday, as Ronin and CoinDesk point out.

Going forward, Sky Mavis, the company that created Axie Infinity and Ronin, says it will require eight of nine validators to move funds, and plans to increase the amount of validators over time.

“As we’ve witnessed, Ronin is not immune to exploitation and this attack has reinforced the importance of prioritizing security, remaining vigilant, and mitigating all threats,” Ronin wrote in its Substack post. “We know trust needs to be earned and are using every resource at our disposal to deploy the most sophisticated security measures and processes to prevent future attacks.”

These hacks aren’t abnormal in the crypto space. For example, a hacker stole $611 million from the decentralized finance (DeFi) protocol Poly Network in August, though the majority of funds was ultimately returned.

This story was originally featured on Fortune.com