In one of the largest decentralized finance (DeFi) breaches yet, a hacker has stolen cryptocurrencies worth $625 million from Ronin, a Blockchain platform behind the popular non-fungible token (NFT) game Axie Infinity.
The Blockchain platform and Axie Infinity operator Sky Mavis admitted the security breach, saying that 173,600 Ethereum and 25.5M USDC (a cryptocurrency pegged to the US dollar) were drained from the Ronin bridge in two transactions.
“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack after a report from a user being unable to withdraw 5k ETH from the bridge,” Ronin Network said in a statement late on Tuesday.
The company has temporarily paused the Ronin Bridge to ensure no further attack vectors remain open.
“Binance has also disabled their bridge to/from Ronin to err on the side of caution. The bridge will be opened up at a later date once we are certain no funds can be drained,” said the company.
The company was working with law enforcement officials, forensic cryptographers, and investors to make sure all funds are recovered or reimbursed.
“As we’ve witnessed, Ronin is not immune to exploitation and this attack has reinforced the importance of prioritizing security, remaining vigilant, and mitigating all threats,” said the Blockchain platform.
“As of now, users are unable to withdraw or deposit funds to Ronin Network,” it added.
In January this year, hackers stole crypto tokens worth $120 million from the Blockchain-based decentralized finance (DeFi) platform BadgerDAO. Several crypto wallets were drained before the platform could stop the cyber attack.
In December last year, cybercriminals stole cryptocurrency worth $80 million from Qubit Finance, a decentralized finance (DeFi) platform.