Still, it can be a security risk if someone compromises enough of them - in this case, the attacker took over five of the nine nodes and could withdraw any funds they wanted.Ĥ/ We thank everyone in the community for their patience as we re-created the Battle system from scratch to be more fun, beautiful, and engaging. Having fewer nodes to review transactions makes things faster and more efficient. Nguyen says that the Ronin Network will expand the number of validator nodes on its proof-of-stake blockchain network over the next three months from five to 21 to strengthen security. Industry watchers like Peckshield continue to post alerts in real time as small fractions of the stolen crypto shift out of the thief’s account to other wallets and into mixers like Tornado Cash. #PeckShieldAlert ~1,700 $ETH into from exploiters 0x01a5d51057a82818d68D8f3B76EF0ac69a99A911 #onthemove /LQFJoZw5V1- PeckShieldAlert April 6, 2022Ī report by The Wall Street Journal cites the CEO of bug bounty platform Immunefi saying that moving this much money through a tumbler could take years. As we detailed in 2013, while crypto mixers or tumblers can help obscure the source of funds, law enforcement organizations are focusing on them even more carefully, and washing such an enormous sum could take a long time. Attempting to launder a haul of that size is a problem since anyone can see transactions made on the blockchain. Their plan is to wait two years and then have the DAO vote on what to do next.Īs far as the stolen funds, about 168k Ether (worth over $540 million at this writing) remain in the wallet where the thief or thieves left them. While they remain committed to making players whole using their own funds combined with the investments, the 56,000 Ether nicked from the Axie Infinity DAO’s treasury will remain “undercollateralized” while the company and law enforcement try to get the crypto back. The Sky Mavis team says the March 23rd heist (that, again, went unnoticed until March 29th when a user tried to withdraw funds and couldn’t) was “socially engineered,” taking advantage of vulnerabilities from trade-offs made while attempting to reach mainstream adoption. Binance (which just invested in the game) has reopened transactions with the network, and according to the exchange, that means “all individual users will be able to withdraw their funds.”
Now Sky Mavis says that it plans to reopen the Ronin Network bridge after it undergoes a security upgrade and audits to try and detect if there are other weaknesses. The list includes crypto exchange Binance, Web3-promoting venture capital firm A16z, and Animoca Brands, which owns The Sandbox, among several others. Other crypto companies that work with Axie Infinity and Sky Mavis - and have enormous sums tied up in Web3 and NFTs - lead the list of names that bought in to bail out Sky Mavis instead of potentially seeing it collapse.