NFT Evening NFT Evening
    Facebook Twitter Instagram Reddit
    NFT Evening NFT Evening
    • News
      • Collectibles
      • Crypto Art
      • Blockchain games
      • Metaverse
      • Music
      • Interviews
    • Guides
      • Top NFT Projects
      • Top Blockchain Games
      • NFT Marketplaces and Tools
    • Learn here!
      • What is an NFT?
      • How to keep your NFTs safe
      • NFT Glossary
    • NFT Calendar
      • NFT Drops
      • NFT Conferences
    NFT Evening NFT Evening
    Blockchain games

    Home » News » The Axie Infinity Ronin Network Security Breach: What Really Happened?

    The Axie Infinity Ronin Network Security Breach: What Really Happened?

    By OlaApril 27, 2022Updated:February 1, 20234 Mins Read
    Contents hide
    Ronin Network explains the factors behind historic security breach
    An oversight allowed hackers to take control of more than half of the Ronin validator nodes
    What is Ronin Doing about the security breach?

    Over a month later, a clearer picture of the colossal security breach of Sky Mavis’ Ronin Network is finally emerging. The major hack of Sky Mavis’s Ronin validator nodes and the Axie DAO validator nodes led to over $600 million being stolen from the Ronin Bridge. Now the home network of Axie Infinity has put out a full post-mortem on the incident, detailing exactly what happened.

    Characters from the centerpiece of the Ronin Network, Axie Infinity
    Ronin Network, home of top P2E game Axie Infinity, has published a post-mortem of the record-breaking hack it suffered last month. Credit: Axie Infinity

    Ronin Network explains the factors behind historic security breach

    The 73,600 ETH and 25.5M USDC heist of the Ronin Network is one of the biggest security breaches in the short history of DeFi. Needless to say, Ronin Network is facing immense pressure. Not only to rectify the situation for its users but also to rebuild public trust.

    To that end, Ronin Network’s security breach postmortem goes through everything that happened, and the changes the team is making to boost its security.

    The first point that Ronin Network addresses in its post-mortem, is why it took so long to identify the security breach in the first place. To clarify, while the hack happened on March 23, the Sky Mavis team didn’t realize it until March 29.

    Astoundingly, Ronin admits that this was possible because it, “…didn’t have a proper tracking system for monitoring large outflows from the bridge”. As a result, it notes that transactions of that size will require “human interaction” on its new Ronin bridge.

    Next, the post-mortem explains how a (now-former) employee was compromised by what it calls an “advanced spear-phishing attack”. That is how the hackers were able to breach Sky Mavis’ IT security and access the validator nodes.

    graphic showing Ronin Network elements including Axie Infinity
    Most activity on the Ronin Network stems from the blockbuster NFT game, Axie Infinity, Credit: Ronin Network

    An oversight allowed hackers to take control of more than half of the Ronin validator nodes

    The next major blunder on Sky Mavis’ part relates to the Axie DAO validator. To explain, back in November 2021 Sky Mavis asked the Axie DAO to help distribute free transactions. This was due to a high user load at the time. In response, the Axie DAO allowed Sky Mavis to sign transactions on its behalf.

    The fatal error came when this arrangement ended in December 2021. At that time, the allowlist access enabling Sky Mavis to sign transactions was not revoked.

    Due to the oversight, the hackers were able to use Sky Mavis’ gas-free RPC to get the signature from the Axie DAO validator. In so doing, the hacker was able to take control of 5/9 Ronin Network validators. That was necessary to make the withdrawal and complete the attack.

    "securing Ronin" response graphic to Ronin Network security breach
    The team behind Ronin Network is working to make sure it never suffers another security breach. Credit: Ronin Network

    What is Ronin Doing about the security breach?

    Firstly, Ronin moved to add more validator nodes to prevent any similar security breaches. It also acted quickly to assure users that they would be compensated. The postmortem also includes details on the Ronin Network’s new security roadmap. Some of the points on the roadmap include:

    • Continuously working with top-tier security experts to avoid lingering threats.
    • Increasing the amount of Validating Nodes on Ronin Network
    • Implementing Stricter Internal Procedures
    • Launching a bug bounty

    All things considered, this security breach of the Ronin Network is the worst pain point in what has been a very challenging year for Axie Infinity creators, Sky Mavis. 2022 has been a stark contrast to 2021. After all, last year was when Sky Mavis’ Axie Infinity became arguably the first smash-hit blockchain game. In any case, Sky Mavis and its backers are doing everything they can to move on positively from the enormous setback.

    It’s also worth noting that the attackers were far from your average hacker. Around the time of the security breach, nobody knew who actually hacked the Ronin Network. However, it later came out that a state-sponsored North Korean hacker group, Lazarus Group carried out the attack.

    You can read the full post-mortem from Ronin Network here.

    Join Our New "To The Moon" daily Newsletter

    Get our free, 5 minutes daily newsletter. Join 25,000+ NFT enthusiasts & stay on top 👊🌚

    Thank you!

    You have successfully joined our subscriber list.

    .

     


    All investment/financial opinions expressed by NFTevening.com are not recommendations.

    This article is educational material.

    As always, make your own research prior to making any kind of investment.

    Previous ArticleCasino Royal Is Taking NFT-Powered Gambling To The Next Level
    Next Article There’s A Louis Vuitton NFT Scam Targeting Whales: Watch Out!
    Ola

    Ola is a US-based writer and digital nomad. He loves thinking, learning, and writing about all things Web3, particularly its impact on major creative industries.

    More great NFT Evening content:

    InfiniGods Web3 Gaming Studio Debuts Their First Game: InfiniMerge

    January 27, 2023

    Web3 Gaming Platform ‘Fractal’ Expands Onto The Polygon Network

    January 26, 2023

    Axie Infinity Sees Active Users Rise 59%: Is Play-to-Earn Cool Again?

    January 23, 2023

    Neopets Raise $4 Million To Bring The Game Into The Metaverse

    January 20, 2023

    Alien Worlds Opens Up the 2nd Part of its Community Grants Program

    January 18, 2023

    Cometh is Now Available to Play Through the Ledger Live App

    January 17, 2023

    Skyweaver Launches Its Latest Expansion: Hexbound Invasion

    January 16, 2023

    Drone Racing League Drops Trailer for Metaverse Game on Algorand

    January 12, 2023
    Latest NFT News

    NFT Market Recovers: CryptoPunk Sells For Almost $1.5 Million

    February 8, 2023

    Earn Royalties from Hit Rihanna Song With Deputy NFTs

    February 8, 2023

    Polygon Outperforms Ethereum NFTs on OpenSea for the Second Month

    February 7, 2023

    Jack Butcher’s Checks NFT Collection Overtakes BAYC Trading Volume

    February 7, 2023

    Yuga Labs Settles Court Case with Ryder Ripps BAYC NFT Collection

    February 7, 2023

    Japan Leads The Way in NFTs And DAOs With PM’s Support

    February 7, 2023

    JokerClub by Partouche Verse x Porsche

    February 7, 2023

    BAYC Dookey Dash Sewer Pass Claim Ends Tomorrow!

    February 7, 2023
    Get The FREE Exclusive Report
    CLICK HERE

    NFTevening is the biggest website for NFT news. We cover; breaking news, upcoming mints, plus, interviews with top NFT artists and projects. Put simply, we are the best place for new and experienced non-fungible token fans — making content fun & accessible

    Privacy policy
    Terms and conditions

    Article Categories
    • Blockchain games
    • Collectibles
    • Crypto Art
    • Guides
    • Interviews
    • Metaverse
    • Music
    • News
    • NFT Marketplaces and Tools
    • Sponsored Content
    • Top Blockchain Games
    • Top NFT Projects
    NFT Calendar
    • Today’s NFT Drops
    • Upcoming NFT Drops
    • Solana NFT Drops
    • NFT Calendar
    • NFT Calendar : Add Your NFT Event
    Get In Touch
    • Advertise (Media Kit)
    • Collaboration and Press Releases
    • Job Opportunities
    • About Us
    • Contact Us
    NFT Beginners Guides
    • How to Sell NFT Art
    • How to Create NFT Art
    • How to Display NFT Art
    • How To Make Passive Income With NFTs
    • Best Crypto Wallet
    • Best NFT Coins
    • Best NFT Rarity Tools
    • What is a DAO ?
    • What Are Crypto Gas Fees ?

    Type above and press Enter to search. Press Esc to cancel.