Over $622 million was stolen from the blockchain network behind Axie Infinity
NFT Vulnerability and Security Concerns.
Do you believe the entire web3 marketplace is rife with lawlessness and chaos?
Hackers have taken $622 million from Axie Infinity’s ‘Ronin’ blockchain network.
eDataPay still support transactions by Credit Cards and ACH Fiat to Blockchain Crypto currency.
It’s past time for us to understand the vulnerabilities and security concerns associated with public blockchain wallets and exchanges, especially NFT platforms.
To alleviate your uncertainties, let’s debunk the NFT flaws and security issues.
Since the beginning of 2021, non-fungible tokens have been in the spotlight. One of the most eye-catching pieces of news was a $69 million NFT sale, which drew everyone’s attention to NFTs. People, on the other hand, are wary about NFTs and are questioning, “Are NFTs safe?” before forming an opinion about them. NFTs, being a new type of digital token, bring a slew of advantages, including better control and ownership of digital assets.
Furthermore, NFTs play an important role in increasing the liquidity of formerly illiquid locations. However, amidst all the buzz around NFTs, there are a number of NFT flaws and security risks that may go unnoticed. The following discussion will assist you in identifying some of the most common NFT vulnerabilities and security issues.
The ‘Ronin’ blockchain network, which runs the popular NFT-based online game Axie Infinity, has been hacked for $622 million.
Axie Infinity, created by Sky Mavis in Vietnam, allows players to collect and mint NFTs in order to claim ownership of axolotl-inspired virtual pets known as “Axies.”
After an attack on a network that powers the popular blockchain video game Axie Infinity, hackers made off with almost $622 million in cryptocurrencies. The Ronin network serves as a link between the video game and blockchains, allowing bitcoin to be transferred in and out of the game.
Axie Infinity, the popular crypto game, says it is “totally dedicated” to reimbursing participants.
During this recent breach on the network that runs Axie Infinity, one of the world’s most popular NFT video games, thieves made off with more than $600 million in cryptocurrency. The Ronin network is used to transport bitcoin in and out of Axie Infinity, acting as a link between the game and blockchains.
In a blog post on Tuesday, the Ronin network, a blockchain developed by Sky Mavis, the company that owns Axie Infinity, verified the hack and emphasized that it occurred six days prior on March 23, as reported by Reuters.
According to Fortune, the criminals targeted the Ronin Network and made off with 173,600 Ethereum (ETH) and 25.5 million USD Coins (USDC), totaling hundreds of millions of dollars. According to Ronin’s blog post, the assailants got off with 173,600 ether and 25.5 million USD coin. Axie Infinity’s Twitter page also verified the attack. In a blog post, Ronin stated that it is collaborating with Chainalysis, a blockchain tracking company, to track the stolen cash.
Bloomberg, Sky Mavis COO Aleksander Larsen stated that the business will compensate gamers who have lost money as a result of the breach. Larsen told Bloomberg, “We are totally committed to reimbursing our players as soon as possible.” “We’re still working on a solution, and the conversation is still going on.”
let’s not forget this. In March 2021, hackers were able to get illegal access to a number of Nifty Gateway NFT user accounts. During the attack, hackers transferred previously acquired NFTs and purchased fresh NFTs to be transferred using payment cards on file. The NFTs were sold to a separate buyer on a different site by the attackers. Users were unable to retrieve NFTs since Nifty Gateway kept the private keys for the affected NFTs on the platform. Such occurrences shed light not just on NFT security concerns, but also on other issues that face the NFT ecosystem.
In a social media post, Ronin confirmed the hack and stated that it is “working with law enforcement agencies, forensic cryptographers, and our investors to ensure that any money are recovered or refunded.”
The attacker utilized hijacked private keys to fabricate bogus withdrawals, according to Ronin, who was made aware of the vulnerability after a user reported being unable to withdraw $5,000 in ETH.
Axie Infinity is a computer-based Pokemon-style video game in which players produce and combat artificial monsters known as “axies,” which are linked to non-fungible tokens (NFTs). In the game, players can earn bitcoin, which can then be exchanged on select cryptocurrency markets outside of it.
“There are presently 9 validator nodes in Sky Mavis’ Ronin chain. Five out of the nine validator signatures are required to recognize a Deposit or Withdrawal event. The attacker gained access to Sky Mavis’s four Ronin Validators as well as a third-party validator operated by Axie DAO, according to the Ronin statement.
According to Business Insider India, $3.5 billion in NFTs went via Axie Infinity in 2021. Axie Infinity’s long-term viability has been questioned, as the game’s economy may require new players to join in order for it to stay solvent.
Sky Mavis did not respond to a request for comment right away.
“This dates back to November 2021, when the Axie DAO validator was approved for free transaction distribution. The Axie DAO validator IP was still on the allowlist until it was deactivated in December 2021. Using the gas-free RPC, the attacker was able to obtain the signature from the Axie DAO validator once they gained access to Sky Mavis systems.
“We’ve verified that the signature in the fraudulent withdrawals matches the signatures of the five suspect validators.”
Ronin responded by stating that it “acted rapidly to rectify the problem” and that it is presently taking efforts to prevent future attacks. To minimize further short-term damage, the business has raised the validator barrier from five to eight and temporarily suspended the Ronin Bridge, which allows transactions, to guarantee that no attack vectors remain open.
The value of NFTs is determined by a variety of criteria, including total supply and minting number, as well as other unique features and community support. You’d never discover two identical CryptoKitties with the same value, for example. The value of CryptoKitties is determined by the minting number, time of creation, and special features, as well as demand. So, in a nutshell, NFTs are one-of-a-kind digital tokens that can aid you in gaining complete control over your assets.
Users of “axies” are unable to withdraw or deposit funds to Ronin Network at this time. Sky Mavis is dedicated to recovering or reimbursing all of the money that have been siphoned.
To sum it up
Non-fungible tokens are an obvious step forward in the evolution of digital assets. Along with the practical characteristics of blockchain technology, they deliver the benefits of uniqueness and improved control over digital assets. However, the NFT flaws and security concerns that are frequently revealed can be significant roadblocks to its adoption.
On the contrary, dismissing NFTs just because of their security problems and weaknesses is simply irrational. In fact, you should seek out solutions that can assist you in gaining a better understanding of NFT smart contract vulnerabilities. Additionally, options for warnings about any suspicious activity on NFT marketplaces and in your accounts are available. Learn more about NFTs to better understand their vulnerabilities.