Axie co-founder hacked for $10M two years after $625M Ronin attack

Jihoz, the co-founder of crypto gaming platform Axie Infinity, has reportedly been hacked for $9.7 million from two ‘compromised’ personal wallets.

Over 3 million RON tokens were drained on the Ronin Network before being sold for ETH, causing a 9% drop in the token’s price, according to data from CoinMarketCap.

According to Peckshield, over 3,000 ETH were withdrawn from the game’s Ronin Bridge, which also suffered a loss from compromised keys in 2022. The funds were immediately deposited into crypto mixing service Tornado Cash.

Read more: Explainer: What to know about crypto mixer Tornado Cash

Security firm Ancilia’s initial flagging of the withdrawals suggested that the bridge itself had an issue. However, this was quickly refuted by Axie and Ronin’s COO, who added, “The bridge itself has top security, been through many audits, and goes on pause when too much is being withdrawn.”

Axie Infinity is a blockchain-based game that exploded in popularity via the concept of ‘play-to-earn’ during the crypto market’s last bull run.

Read more: The play-to-earn crypto bubble has popped — Axie Infinity leads, down 99% from ATH

In order to avoid costly Ethereum transaction fees, which would make the game unplayable, Ronin Network was set up as a cheap sidechain for players’ assets.

In March 2022, the Ronin Bridge was hacked for approximately $625 million worth of Ether and USDC. Shortly afterward, the FBI ascribed the losses to the work of the North Korean state-sponsored hacking group Lazarus.

The bridge was emptied due to a majority of validator keys (five of just nine validators) being compromised. For comparison, Ethereum currently has over 1.2 million validators. Four of the Ronin validators were run by Sky Mavis, the developers of Axie Infinity, with the final validator, which belonged to the Axie DAO, overridden thanks to an agreement designed to ease network congestion.

This attack was originally detailed in a post-mortem report from the Ronin team, but it has since been deleted.

With such a large concentration of funds, blockchain bridges have often proven lucrative targets for crypto hackers, who use an array of social engineering techniques to gain access to key infrastructure. 

In the case of Ronin, the hack was executed through a malicious PDF, which was delivered under the guise of a job offer. 

Jihoz has yet to provide details on how he believes this latest attack took place.
Read more: