The Ronin Network and Sky Mavis have vowed to upgrade their smart contracts, offer lucrative bug bounties and ramp up security following the $600 million hack late last month.

As Cointelegraph previously reported, the Ethereum sidechain developed for the popular NFT game Axie Infinity was the victim of an exploit for 173,600 Ether (ETH) and 25.5 million USD Coin (USDC) worth more than $612 million at the time.

Earlier this month the Federal Bureau of Investigation (FBI) attributed the attack to North Korea-based and state-sponsored hacking group Lazurus, as it fired off a warning to other crypto and blockchain organizations.

Ronin announced its platform changes via a post-mortem report published yesterday, noting that all user funds are in the process of being restored as it vowed to make sure this “never happens again.”

The hack run down

The hack was the result of a spear phishing attack on a former Sky Mavis employee (developers of Axie Infinity). The bad actor was able to leverage the employee’s credentials to access Sky Mavis’s four validator nodes out of a total of nine in the Axie/Ronin ecosystem.

This by itself was not enough to do any damage, but “the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”

“This traces…

Source link

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed